It's interesting to see ICANN - the Internet Corporation for Assigned Names and Numbers - finally getting around to condemning the practice of redirecting Internet users to a third-party Web site or portal when they misspell a Web address and type a domain name that does not exist. This practice has been going on with a number of ISPs since the first Web browsers started appearing in the mid-to-late-1990s. The ISP reroutes weren't malicious, however, but merely tried to be helpful - with a lit... [More]

Our colleagues over at Symantec have uncovered an interesting - and potentially devastating - new Trojan that uses Facebook to communicate with a command and control (C&C) server. C&C servers are a type of hacker server that allows a botnet's originator (herder) to control an infected botnet group remotely. This is usually carried through the use of Internet Relay Channels (IRCs) that link from infected PCs to the C&C server. The Trojan malware - which is being called Whitewell - ... [More]

Hackers are getting more and more clever, it seems, as they use ever-more convoluted methods to ensnare Internet users into their web of malware and revenue-sapping nastiness. A blog item from our colleagues over at Sophos reveals the latest malware injection attack that has infected thousands of Web sites with malicious iFrames. Whilst iFrames are nothing new - Finjan reported this attack methodology as coming top in its attack charts in 2007 - this particular attack hides itself behind a Jav... [More]

Over the weekend, the Guardian Jobs website, one of the top five employment sites in the UK with two million users logging in every month, was hacked. In a statement posted online, The Guardian stated that it had been “assured by our provider that the system is now secure and we have identified and contacted everyone who may have been affected”. It went on to admit that as many as half a million users may have had data compromised, all of whom had now been emailed. As Finjan, we hav... [More]

Speaking at the Gartner Symposium in Florida this week Carol Rozwell, a Gartner vice president, told delegates that banning access to social media from the corporate network is futile. She said that companies shouldn't block social networking and that security shouldn't completely lock down communications with the outside world. She argued that even if information technology authorities want to shut down such activity, they can't. “While a job may be regarded as an economic transaction, t... [More]

Strong passwords pose a challenge for web users. They need it to avoid hackers cracking it and then accessing and steaing their data. We at Finjan have covered this subject various times. Research shows that between 40 and 78 per cent of passwords are susceptible to dictionary attacks. Although not a magic bullet, a strong password does help users to remain safe. It’s not only cybercrooks who want to crack passwords – employers and law enforcement can have legitimate reasons to do s... [More]

It is a sign of times that the FBI announced October to be Cybercrime Awareness Month. It underlines again the huge impact that cybercrime has around the world. During this month, the FBI will discuss ways how netizens can make themselves, their businesses and their families safer online. The cybersquad special agents especially warn for the darker side of social networking. Posting images, text or other information online can get social network users in trouble. One example they provided is ... [More]

The latest generation of smartphones is being targeted by criminal hackers to gain access to user credentials. The reason is simple – the number of smartphones is rapidly growing, allowing users to surf the internet, shop online and email from their phones. This has created a fertile market for hackers to exploit – similar to targeting PCs to steal data that they can use for their profit. A recent survey conducted by YouGov shows, that 60 per cent of modern mobile phones contain som... [More]

A fake suicide drama staged by a hacker - using someone else's Facebook account last week - illustrates again that some criminal elements abuse social networks for their own political or criminal activities. In the Facebook incident of last week, the account of Debbie Lee was hacked while she was on a camping trip 100 miles from home. The hacker abused her account by posting a range of suicide messages. They included “I don't want a funeral or memorial, I want it to be like I never existe... [More]

Reports from IT security vendor PandaLabs indicate a new variation of an old theme. A group of cybercrooks was offering their hacking services on Facebook. For a reported $100, a potential hacker could purchase information how to hack a specific Facebook account. But it looks like the purchase is a bogus one, and potential hackers are scammed. It’s a new variation on the effective social engineering tactic – this time aimed to scam the scammer. Criminal hackers keep on finding new w... [More]