Having been in the job just over a year, Dave DeWalt, president and CEO of McAfee, visited Australia to discuss the APAC region’s security threat landscape. The statistics he explained were pretty amazing, did you know that in 2007 40 percent of all malware was written that year? So basically in the history of computing, 40 percent of malware occurred just last year.

“We saw more than a 60 percent increase year-over-year from 2006 to 2007 and we are expecting to see almost a 100 percent increase from 2007 to 2008. The current trends, only six months into it, is that we are seeing a doubling from 2007 to 2008 in the amount of malware that we receive,” said DeWalt.

This probably comes as no surprise to anyone that has checked their spam filter lately. He also highlighted key issues such as data loss and identity fraud.

“In so many ways it’s the educational side that is evolving so dramatically that many of the consumers just don’t understand the new threat landscape that’s occurring for them until they’ve experienced it themselves,” said DeWalt.

Does this mean that Australian consumers and businesses aren’t aware that they continuously need to update their security processes? You’d think it would start to break through to the smaller end of the SMB market that their security policy should extend beyond their anti-virus. Alot of education still needs to be done in this space. That’s not to say that anti-virus should be considered any less valuabe. As DeWalt pointed out, USBs can be infected and anti-virus should always be run before you load any files onto your computer. How many businesses have prevention methods in place to make sure employees do that?

By Helen Frost

Original Story

Posted by Annette King in Adware, Spyware and Trojans at 15:09

Two high-profile tennis websites are among scores of victims of a new wave of SQL injection attacks. The website of game regulators ITF and ATP, the professional players tour, were hit by automated attacks in the run-up to this week's Wimbledon championship.

The ITF (International Tennis Foundation) website has since been cleaned up but the ATP website remains dirty, according to Fraser Howard, a security researcher at Sophos who's tracking the attacks. Howard explained that hackers used search engines and automated tools to hunt for vulnerable sites. The timing of the infection of the tennis websites is therefore just a coincidence.

SQL injection attacks are commonly used by hackers to booby-trap legitimate websites with exploits designed to load malware onto the PCs of vulnerable machines. This type of attack, called a drive-by download, is becoming increasingly common.

Posted by Sean Cannon at 14:51

The first half of 2008 witnesses a growing number of targeted malware attacks on individuals, companies and organisations, shares F-Secure.

Wednesday, June 25, 2008: In its 2008 first half data security summary, F-Secure has reported malware growth rate at a higher level than ever before, with amount of malware reaching 900,000 in the end of June 2008. This recent explosion of malware doesn't necessarily represent new types of threats. It is largely the packing, encryption and obfuscation of existing families of trojans, backdoors, exploits and other threats which is now done with industrial efficiency. What the increasing use of self-defence technologies in malware represents is the ever-growing professionalism within the crime-ware community.

Posted by Sean Cannon at 10:38