CoreTrace WhiteSpace

The Application Whitelisting and Security Weblog

Custom malware is the foundation of today’s targeted cyber attacks… Just ask the Treasury!

Cyber crime has evolved from mass attacks intended to wreak havoc and steal as much data as possible to highly targeted attacks looking for specific information from an organization. Custom malware, designed to bypass legacy endpoint security, forms the foundation of these attacks. As a result, these calculated attacks are becoming more dangerous for the businesses and government entities hackers are targeting.


Top endpoint security stories for April 2010 – April sees cyber crime in full bloom

April showers may bring May flowers, but the Internet also saw something else in full bloom — cyber crime. Computer systems around the globe experienced a variety of problems in April, ranging from more fake antivirus software to malicious code that avoids detection by search engine Web crawlers. But none were as big as a well-publicized faulty security update that crashed thousands of computers and became a public relations nightmare for one of the world’s top security software makers. Here were some of the top security stories from April 2010:


Defective McAfee update could have been avoided. Here’s how…

Yesterday, we saw yet another example of how antivirus — not malicious code — can leave thousands of PCs useless.

What was intended to be a routine McAfee software update to its antivirus definitions for corporate customers has likely turned into a costly nightmare for the antivirus software maker and many of its customers. Instead of updating the security software, the faulty virus definitions removed the Svchost.exe file, a critical component of the Windows operating system.

Most recent comment: Tim Bolton

The Whitelist product I used did not allow changed files to run until they were approved. In my case ...

In 2009, Symantec stopped 100 attacks per second… wonder how many were missed?

If you haven’t already come across Symantec’s new Internet Security Threat Report (ISTR), ponder this — in 2009, the world’s largest security software maker blocked an average of 100 potential attacks per second. According to the article, “Cybercrime’s Financial and Geographic Growth Shows No Slowdown during the Global Economic Crisis,” hackers were more active than ever last year. According to Stephen Trilling, senior VP of Symantec’s Security Technology and Response Division, the continuing growth of more sophisticated cyber threats has become an international problem that we can no longer afford to ignore.


From the “what more proof do you need?” file: 90% of the most secure firms may be affected by botnets…

An RSA study released on Wednesday claims that most major U.S. corporations — including up to 88% of Fortune 500 companies — may be affected by botnet activity from computers compromised by the Zeus Trojan.

According to the article, “88 percent of firms show Zeus botnet activity,” RSA’s FraudAction Anti-Trojan services analyzed data stolen by Zeus from infected computers, which included IP addresses and emails that belonged to the corporations. Among the stolen data found on the sites where infected computers drop it were compromised email addresses from about 60% of the firms.
