Consumer Threats

"Nine-Ball" mass injection attack compromised 40,000 sites

Angela Moscaritolo June 17, 2009

A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites that are now infecting users with an information-stealing trojan, according to security vendor Websense.
 

Microsoft seeks $750,000 in lawsuit over click fraud

Angela Moscaritolo June 16, 2009

Microsoft on Monday filed a civil lawsuit to stop a click fraud scheme from being perpetrated on its advertising network.
 

Researcher plans to unveil a month of Twitter bugs in July

Dan Kaplan June 16, 2009

A security researcher plans to raise awareness about how third-party developer sites can be exploited to abuse social networking sites, namely Twitter.
 

FTC releases FAQs on Red Flags Rules

Angela Moscaritolo June 12, 2009

A new frequently-asked-questions document aims to clear up some of the confusion around the Red Flags Rules.
 

Symantec, McAfee settle with New York state

Dan Kaplan June 11, 2009

Symantec and McAfee agreed to pay a combined $750,000 to settle charges that their subscription renewal process was deceptive to home users.
 

Heartland, RBS WorldPay lawsuits consolidated

Dan Kaplan June 11, 2009

A federal court body ruled this week on where lawsuits against RBS WorldPay and Heartland Payment Systems will be heard.
 

Microsoft tool kills rogue AV

Dan Kaplan June 10, 2009

The latest Malicious Software Removal Tool, released Tuesday by Microsoft as part of its monthly security update, includes detection and elimination of the Internet Antivirus Pro family of rogue security programs. Like other scareware, Antivirus Pro tries to trick users into believing their computers are infested with malware, according to a post on the Microsoft Malware Protection Center blog. When users run the purported cleanup feature, the program instead infects their machines with a trojan that steals FTP usernames and passwords. — DK
 

Pricewert shutdown brought only short-lived drop in spam

Angela Moscaritolo June 10, 2009

Any spam drop that resulted after the takedown of a rogue internet service provider last week was short-lived, researchers said Tuesday.
 

Sears, FTC settle spyware accusations

Dan Kaplan June 05, 2009

Sears has settled FTC charges that it wrongly collected personal data on consumers.
 

Another round of phishing hits Twitter

Chuck Miller May 27, 2009

After last week's phishing attacks on social networking sites, yet another round has struck Twitter.
 

Setting cybersecurity as a national priority is just the beginning

Greg Masters May 27, 2009

A review of federal cybersecurity policies, scheduled for release Friday, will serve as a call to action for the public and private sectors.
 

OTA seeks comment

Chuck Miller May 20, 2009

The Online Trust Alliance (OTA), an industry group whose mission is to eliminate email and internet fraud, has released for comment a draft document outlining its Online Trust Principles. OTA said the principles listed in the document are a major step toward establishing business practices for greater online protection. After a 30-day comment period and subsequent ratification, OTA plans to work with business and regulatory agencies to drive adoption, according to an announcement describing the initiative. — CAM
 

Red Flags Rules help

Angela Moscaritolo May 15, 2009

The Federal Trade Commission (FTC) has released a template that helps entities with a low risk of identity theft comply with the Red Flags Rules. Low-risk businesses can include those who know their customers personally or provide services at customers' homes. The template provides a 4-step process for implementing an identity theft prevention program. — AM
 

Scam sites increasingly masquerading as Facebook, MySpace

Angela Moscaritolo May 14, 2009

Cybercriminals are tapping into the popularity of social networking to more effectively craft their scams.
 

"Gumblar" website compromises increase 188 percent this week

Angela Moscaritolo May 14, 2009

Thousands of legitimate websites have been infected since late March with code that is silently infecting visitors with malware. And as of this week, the number of compromised websites has skyrocketed.
 

Social Security Administration spoofed in phishing scam

Angela Moscaritolo May 11, 2009

Scammers have spoofed the Social Security Administration's website in a phishing scam targeted at those who will be receiving an economic recovery payment this month.
 

Mass. police snooped on celebrities' records

Angela Moscaritolo May 06, 2009

Massachusetts law enforcement personnel tapped into the state criminal records database and inappropriately viewed the personal records of celebrities on dozens of occasions, according to a state audit released Tuesday.
 

LexisNexis admits to another major data breach

Angela Moscaritolo May 04, 2009

About 32,000 people are being notified that their personal information may have been compromised after a breach at consumer data provider LexisNexis resulted in identity theft and credit fraud, the company has disclosed.
 

Adobe releases update for server-side security flaw

Chuck Miller May 01, 2009

In a second acknowledgement of security vulnerabilities this week, Adobe has released an update to address a potential vulnerability in versions of its Flash Media Server.
 

FTC extends Red Flags Rule enforcement three more months

Angela Moscaritolo May 01, 2009

The day before the Federal Trade Commission was to begin enforcing the Red Flags Rule, the agency announced the deadline for compliance will be extended for the second time, until Aug. 1.
 

Facebook neutralizes phishing attack

Dan Kaplan April 30, 2009

Fraudsters, using hijacked Facebook accounts, tried to lure users of the social networking site into divulging their login credentials.
 

Microsoft changes AutoRun

Dan Kaplan April 29, 2009

Microsoft is planning to update its Windows platforms so that their AutoRun feature - one of the preferred vectors for spreading the infectious Conficker worm - does not support USB sticks, the company announced Tuesday. In the next version of the operating system, Windows 7, AutoRun - a technology that automatically runs programs when media is plugged into a PC - will work only for CDs and DVDs. Engineers plan to extend this change to Vista and XP platforms. — DK
 

"Online 911" created to diagnose and deal with cybercrime

Angela Moscaritolo April 28, 2009

McAfee has launched a free Cybercriminal Response Unit (CRU), meant to be an "online 911" where cybercrime is diagnosed and treated.
 

Accused adware purveyor Zango shuttered by bank foreclosure

Greg Masters April 27, 2009

A principal player in the spreading of adware -- software that silently loads advertising onto web users' computers -- has been forced to close down after a decade in business.
 

Children's online safety initiative announced

Angela Moscaritolo April 20, 2009

A new program is encouraging information security experts to educate school children about how to protect themselves online.
 

Mac attack: Bot herders going after Apple computers

Greg Masters April 17, 2009

Bot herders have found a way to infest Mac computers: via pirated software.
 

Waledac kicks off new spam campaign

Chuck Miller April 16, 2009

A new campaign to lure users into downloading malware is running on the Waledac botnet, according to security researchers.
 

Phishing increased 40 percent in 2008

Angela Moscaritolo April 15, 2009

The percentage of people losing money to phishing attacks is higher than ever -- five million consumers in the United States fell victim during 2008, an increase of 40 percent over 2007, according to a new report from Gartner.
 

Twitter worm search poisoned

Dan Kaplan April 15, 2009

Cybercriminals are poisoning results when users search for information on the Twitter worm that was unleashed over the weekend, according to security firm F-Secure. The attackers use search-engine optimization tactics so that their malicious sites -- serving up fake anti-virus software -- rank near the top of results. These types of attacks are not uncommon, as opportunists typically leverage popular news or trendy terms to poison search results, F-Secure said. — DK
 

Twitter worm underscores social-networking vulnerabilities

Chuck Miller April 13, 2009

Twitter was struck by a particularly nasty cross-site scripting worm over the weekend, again bringing to light the threat of client-side attacks across social networking sites.