Internet Security Online

From the article

Despite computer virus infection rates dropping by 33 per cent over the past two years, security issues are still causing businesses downtime and financial loss, according to a new government survey.

In the past two years, virus infections have been the cause of 50 per cent of businesses’ worst security incidents, says the Information Security Breaches 2006 survey, conducted by the Department of Trade and Industry (DTI) and PriceWaterhouseCoopers.

The network security firm Sophos estimates that an unprotected computer has a 40 percent chance of being infected by a malicious worm within 10 minutes of being connected to the Internet. After an hour, the odds rise to 94 percent.

The use of keylogging software for criminal purposes appears to be hitting the major media. Using a recent police bust in Campina Grande, Brazil, as a jumping-off point, the New York Times (free registration required) presents an interesting look at the growing phenomenon of cybercrime by keylogging software.

From the article:

It’s no coincidence that not long after security vendors began beating the drum about possible exploits of the Mac OS X operating system, unpatched flaws were uncovered, an analyst suggested Monday.

Rob Enderle, principal at the Enderle Group, reacted to the recent news of a pair of worms aimed at Mac OS X and a zero-day vulnerability of Apple Computer’s operating system with accusations that the security industry hypes the danger in order to sell more security software.

From the article

180solutions, the controversial adware marketer admitted last week that it was initially unable to identify the rogue affiliate that was installing its Zango software illegally, and in fact found a pair of sites adding Zango to PCs without users’ consent.

Malware attacks is a growing phenomenon. One particular malware that is frighteningly powerful is Haxdoor which is a backdoor pharming rootkit that steals your confidential information.

It can hide its presence (processes and files) on an infected system, so it can be only detected by anti-virus programs that use kernel drivers and by rootkit .

Spammers are testing other waters, such as instant messaging and mobile phone text messaging, as well.

Judge estimates that 10 percent of instant messaging traffic is spam. “It is where e-mail traffic was several years ago,” he says, adding that IM spam is likely to become even more ubiquitous as online messaging networks become interoperable (Microsoft and Yahoo, for example, have announced plans to allow their IM users to communicate with each other). The growing availability of IM services on cell phones will make instant messaging even more appealing to spammers–and vulnerable to viruses spread by spam, warns IMlogic, a messaging security firm.

Apple Computer fans have long loved to point out the safety of using Mac OS X, which has mostly been left alone by hackers. But the recent arrival of three threats has some asking: Is the software’s charmed security life over?

Read the full story here.

Top Threats: Leap.A, Inqtana.A
Executive Summary
Names: Leap.A, Inqtana.A
Affects: Mac OS X

What they do: Neither Leap nor Inqtana are widespread or serious threats. Both are more suggestive than exemplary of the real problem.

When you execute the Leap.A file it displays a message in a Terminal window and then creates a series of files in /tmp:

Robert McMillan of PCWorld writes about a McAfee employer left an uncrypted CD containing sensitive information on thousands of McAfee employers in the back on airline seat last December.

From the article

The auditor for security software firm McAfee may be thinking of buying some security software itself, after one of its employees left an unencrypted CD containing sensitive information on thousands of McAfee employees in the back of an airline seat last December.