A major antispam organization is pushing a set of new best practices for ISPs (Internet service providers) to stop increasing volumes of spam from botnets.

The guidelines, from the Messaging Anti-Abuse Working Group (MAAWG), were drawn up at a meeting in Germany last week and deal with forwarded e-mail and e-mail that is sent from dynamic IP (Internet Protocol) addresses.

Many people forward their e-mail from one address to another, a relay that goes through their ISPs mail server. But many ISPs use automated tools that could begin blocking further e-mail to an address if a large volume of e-mail has come through. Legitimate messages would be blocked, too.

"If a spammer targets AOL, a lot of people have AOL addresses redirected somewhere else," said Richard D.G. Cox, CIO for Spamhaus, an antispam organization that's a member of MAAWG. "So if a whole lot of spam is coming out of AOL, people will block it on automated basis."

ISPs can fix this by separating the servers that receive e-mail and ones that then forward e-mail. That way, ISPs can filter out spam coming into the accounts before forwarding, taking a look at the messages and spotting which ones came from dodgy domains, Cox said.

Posted by Annette King in Adware, Spyware and Trojans at 13:31

Having been in the job just over a year, Dave DeWalt, president and CEO of McAfee, visited Australia to discuss the APAC region’s security threat landscape. The statistics he explained were pretty amazing, did you know that in 2007 40 percent of all malware was written that year? So basically in the history of computing, 40 percent of malware occurred just last year.

“We saw more than a 60 percent increase year-over-year from 2006 to 2007 and we are expecting to see almost a 100 percent increase from 2007 to 2008. The current trends, only six months into it, is that we are seeing a doubling from 2007 to 2008 in the amount of malware that we receive,” said DeWalt.

This probably comes as no surprise to anyone that has checked their spam filter lately. He also highlighted key issues such as data loss and identity fraud.

“In so many ways it’s the educational side that is evolving so dramatically that many of the consumers just don’t understand the new threat landscape that’s occurring for them until they’ve experienced it themselves,” said DeWalt.

Does this mean that Australian consumers and businesses aren’t aware that they continuously need to update their security processes? You’d think it would start to break through to the smaller end of the SMB market that their security policy should extend beyond their anti-virus. Alot of education still needs to be done in this space. That’s not to say that anti-virus should be considered any less valuabe. As DeWalt pointed out, USBs can be infected and anti-virus should always be run before you load any files onto your computer. How many businesses have prevention methods in place to make sure employees do that?

By Helen Frost

Original Story

Posted by Annette King in Adware, Spyware and Trojans at 15:09

Two high-profile tennis websites are among scores of victims of a new wave of SQL injection attacks. The website of game regulators ITF and ATP, the professional players tour, were hit by automated attacks in the run-up to this week's Wimbledon championship.

The ITF (International Tennis Foundation) website has since been cleaned up but the ATP website remains dirty, according to Fraser Howard, a security researcher at Sophos who's tracking the attacks. Howard explained that hackers used search engines and automated tools to hunt for vulnerable sites. The timing of the infection of the tennis websites is therefore just a coincidence.

SQL injection attacks are commonly used by hackers to booby-trap legitimate websites with exploits designed to load malware onto the PCs of vulnerable machines. This type of attack, called a drive-by download, is becoming increasingly common.

Posted by Sean Cannon at 14:51

The first half of 2008 witnesses a growing number of targeted malware attacks on individuals, companies and organisations, shares F-Secure.

Wednesday, June 25, 2008: In its 2008 first half data security summary, F-Secure has reported malware growth rate at a higher level than ever before, with amount of malware reaching 900,000 in the end of June 2008. This recent explosion of malware doesn't necessarily represent new types of threats. It is largely the packing, encryption and obfuscation of existing families of trojans, backdoors, exploits and other threats which is now done with industrial efficiency. What the increasing use of self-defence technologies in malware represents is the ever-growing professionalism within the crime-ware community.

Posted by Sean Cannon at 10:38