DataBank: Threat Report | SC Media

DataBank: Threat Report

August 14, 2006

Hacker activity across the globe, plus a round-up of security-related news.

During June, 25 million Directory Harvest Attacks (DHAs) were blocked. A15 per cent spike between 17 and 25 June was attributed to threecampaigns: attempts to find recipients for FIFA spam; the growing volumeof image-only spam containing stock offers; and attempts to exploitcorporate domain names as the "sender" of the spam.

Source: Postini

US - The U.S. State Department said it was investigating "anomalies" inits unclassified computer system, according to reports by major wireservices. The department found significant break-ins of computers usedto work on international relations with China and North Korea, accordingto a report by Associated Press.

US - A Washington D.C. law and lobbying firm has filed a lawsuitclaiming IBM and an unidentified employee tried to hack into its emailserver. Butera & Andrews states in a court filing that last November it"became aware of facts which suggested that the email server throughwhich the firm operated had been compromised by unauthorised parties."Investigators hired by the firm uncovered more than 42,000 attempts tohijack its email server, all traceable to an IP address at IBM in NorthCarolina.

Ireland - Less than one in five Irish internet users believe that thecompanies and banks they transact with online are currently doing enoughto protect them from personal identity theft. Of this group, 40 per centdon't know if these companies are doing anything to protect theiridentity, according to a new survey by software firm CA.

Europe - Teenagers are putting their home PC security at risk bydownloading music and videos, according to new research. A survey byanti-virus company McAfee of 615 teenagers across six European countriesfound that 40 per cent are unconcerned by the risks of viruses and otherthreats when downloading music or video content.

Russia - A spam campaign spreading false rumours of President Putin'sdeath was an attempt by hackers to infect PCs with a trojan. Embedded inthis spam was a hidden script that exploits the ADODB.Streamvulnerability in Microsoft Internet Explorer to secretly download themalicious Dloadr-ZP trojan from a Russian website.

South Africa - A lawyer claimed that the country's banks are floutingits anti-cybercrime Electronic Communication Transaction (ECT) Act bydisclaiming liability when a customer's account is hacked. ReinhardtBuys, an IT lawyer and cybercrime expert said banks were not fullyreimbursing customers after being hacked. Buys stated that, undersection 43 of the act, a bank is liable for any damage caused to itsclients.

Malaysia - Microsoft plans to give hackers a sneak peak at new securityfeatures in its forthcoming Windows Vista operating system later thisyear. Dhillon Andrew Kannabhiran, who organises hacking conferenceHack-in-the-Box, said the company will be seeking advice from delegatesat the conference to fix bugs before the final release of thesoftware.

Australia - Drivers in New South Wales are using the internet to tradedemerit points in a bid to keep hold of their driving licences,according to reports. The scam has led to the New South Wales Roads andTraffic Authority (RTA) launching an investigation. The authority wasconsidering increasing penalties for drivers who use the internet totrade points.

prestitial ad