The thorny subject of how to tackle cybercrime across Europe has reared its head again with the director of Europol, Rob Wainwright, weighing on in the topic of digital ne’er-do-wells. He’s recommended a course of action that would get regular web users to get directly involved in tracking down cybercrime gangs.

Europol ain't gonna take no more... well they won't after the proper legislation gets through.

A ground breaking experiment in “crowd sourcing”, as Wainwright terms it, will soon be necessary as the extent of the continent’s cybercrime problem is often underestimated in the EU. Continue Reading

It seems that any security firm worth their salt these days spends half their time on Facebook discovering faults. It certainly seems that way from the press releases we get in most days. Anyway, today it’s BitDefender’s turn and its researchers claim that one fifth of Facebook users are exposed to malware contained in their news feeds on a daily basis.

BitDefender said it had detected infections contained in the news feeds of around 20% of Facebook users, though Facebook said it already had steps in place to identify and remove malware-containing links. “Once we detect a phony message, we delete all instances of that message across the site,” the site said in a statement.

Continue Reading

Awkwardly named but very dangerous, the Stuxnet virus is causing a few headlines today with the news that the malware is being traded on the black market and “could have fallen in to the hands of cyber criminals”.

Just when you thought it was safe to go back into Iran’s nuclear power stations…

To be fair, we would have thought that a dangerous piece of software available on the black market would only fall ‘into the wrong hands’. Though maybe there are some charity workers and war heroes operating on the black market as well. Who knows. Anyway… on to the story. Continue Reading

This might get a few Android acolytes all paranoid – a JavaScript vulnerability in the mobile OS has been found which allows some less-than-virtuous websites to retrieve data from a smartphone’s SD card.

Spot of bother for Android users ahoy.

The discovery comes courtesy of security expert Thomas Cannon who, instead of playing five-a-side, shooting ducks or collecting antiques in his spare time, used his downtime to investigate his hunch that there may be a significant fault in Android’s armoury. The vulnerability, he said, is present because of a “combination of factors”, and in a recent blog post he listed those factors as follows: Continue Reading

Another day, another Facebook security blip. This one though is not really the result of a technical glitch but rather a dodgy data broker buying up personal info of Facebook users. The broker had been purchasing identifying Facebook user information from app developers and as a result, Mark Zuckerberg et al have placed some developers on a six-month suspension.

Facebook made the announcement over the weekend on its developer blog, in a post written by company engineer Mike Vernal which firstly emphasises that Facebook “has never sold and will never sell” user information, before adding that it has zero tolerance for data brokers “because they undermine the value that users have come to expect from Facebook”. Continue Reading

Bad news for Firefox users out there, as they’ve been warned that there could be some malware heading their direction if they’re not careful. The news comes after Mozilla confirmed that a new ‘zero-day’ exploit is being used by cyber criminals.

This is exactly what it looks like when Firefox is attacked by malware. Exactly.

The latest critical vulnerability is believed to affect version 3.5 and 3.6 of the Firefox browser, and has already provided opportunity to malware makers. Continue Reading

A Microsoft security expert has warned that Java-based malware attacks are rapidly on the rise. The expert in question, Holly Stewart, has revealed that while working on the company’s Security Intelligence Report she noticed an unprecedented amount of Java exploitation late last year.

“In fact, by the beginning of this year, the number of Java exploits (and by that I mean attacks on vulnerable Java code, not attacks using JavaScript) had well surpassed the total number of Adobe-related exploits we monitored,” she says. This surge of attacks is focused on three vulnerabilities – however the thing that is really getting under Stewart’s skin is that these weaknesses have already been patched but the general public just aren’t updating their PCs. Continue Reading

Earlier in the year we brought you news of a terrible plight befalling a group of previously successful individuals. Yes, the humble burglar had seen his traditional business model crushed by falling technology prices*. Well, now it seems that the threat of physical theft is dropping off for businesses around the globe as well, while the threat of electronic theft rises.

She really should have seen that coming.

Companies have, for the first time, reported they are losing more through electronic theft of data than physical stealing of assets according to risk consultancy firm, Kroll who published this finding in the company’s annual report on international fraud trends. Continue Reading

The PR crowd at security software experts Sophos seem to have been a busy bunch of late, and after blasting Facebook for what they deemed to be overly complex and generally flawed changes to the social network’s ‘Groups’ section, today they have brought out a report that names and shames the worst countries on the planet for relaying spam.

They might like spam, most of us just want rid of it though.

The US is number one on this score according to Sophos, with India second – Ireland meanwhile, comes in at number 50 on the list. Said the report: “Since the second quarter this year, the spam output from the United States has increased significantly from 15.2% to 18.6% of global spam, making the country responsible for nearly one in five junk emails, and meaning that the USA contributes nearly 2.5 times more spam than the next worse offender, India.”

Some of the top spam relaying countries for July to September 2010 are as follows: Continue Reading

Cyber criminals wouldn’t be known for their sentimentality. Most likely they’ve long since abandoned their once treasured copies of ‘Hackers’ and now they’ve gone and dumped the old reliable Zeus botnet.

Instead, the more clued-in software scamps are now using a stronger version of the malware called Bugat which is apparently far harder to detect that the Zeus Trojan… well it is in the sense that companies are now looking out for Zeus more than ever before, while Bugat barely gets a second thought. Continue Reading