UGN safenet UGN safenet
While America sleeps, and the drive-by media obsesses over who will buy the U.S. presidency, billions of internet users' dollars are being put to work for online crime... and ICANN, the people who bring you the internet, are planning their escape from Washington, D.C. ... Not good news!
The Russian government is looking to create a Cyrillic internet, but is it just another case of Big Brother controlling its citizens?
The growing cold war with Russia has a new front besides oil fields and undersea territorial claims: the internet. Russia's government is pushing for greater control over the Russian-language part of the net - and its aim seems to be to create a web that operates in Cyrillic, completely independent from the wider web. Gavin Knight, The Guardian
Hackers for the first time are targeting the popular social networking site Facebook with a phishing scam that harvests users' login details and passwords.
Some Facebook users checking their accounts Wednesday found odd postings of messages on their "wall" from one of their friends, saying: "lol i can't believe these pics got posted.... it's going to be BADDDD when her boyfriend sees these," followed by what looks like a genuine Facebook link -- But the link leads to a fake Facebook login page hosted on a Chinese .cn domain. The fake page actually logs the victims into Facebook, but also keeps a copy of their user names and passwords. By Ryan Singel
Security researchers say 2007 was the year online criminals showed off how smart and dangerous they can be. Anti-virus vendor F-Secure added 250,000 new signatures to its malware database this year -- as many as the company added in its first 20 years combined. That explosion didn't come from hordes of hackers feverishly writing new programs to steal password and credit card numbers, though. Instead, hackers perfected automated tools that wrapped old exploits in new gift boxes -- sometimes changing the appearances of files offered as downloads as quickly as every five minutes. By Ryan Singel
Public Act 095-0350, creating the Anti-Phishing Act went into effect this year. The new law makes it illegal to use the Internet or Internet-based communication to falsely identify oneself as a business in order to obtain personal information. To bolster this act, Public Act 095-0413, prevents anyone that is using Internet caller identification to make a false name appear on the caller ID of the recipient. Together, these measures are meant to deal a blow to Internet scam artists. Canton Daily Ledger - Canton, IL, USA
Phishers are casting their lines with a spoofed e-mail message claiming to be from the National Payroll Reporting Consortium. The official-looking message claims that the recipients' company has made numerous misrepresentations regarding worker classification in an attempt to fraudulently lower workers' insurance compensation costs. CRN - Manhasset, NY, USA
The Storm Worm botnet has a new trick for 2008, using its huge collection of infected computers to send out phishing emails directing people to fake banking sites that it cleverly also hosts on the computers it remotely controls. The phishing campaign caught the attention of both F-Secure and Trend Micro, who say Storm has never been involved in phishing up to this point. The new campaign may indicate, according to F-Secure, that Storm's controllers have figured out how to divide the massive army into clusters which it is now renting out to others. Wired News - USA
Human error and evolving phishing attacks will compel organizations to tighten control over application access, not just user access.
Guardian Digital forecasts an increased need for comprehensive control over Internet and employee resources with 'least privilege' engineering in 2008. "Most vendors don't stress least privilege enough in their development architecture, especially with the increasing threats from human error and employee liability" says CEO Dave Wreski. "Security in 2007 has shown just how effective attackers can be at gaining authorized access to corporate resources. One of the best ways to protect against this is to lock down application access, not just user access." Ryan Berens of Guardian Digital
Return to: the top of this page, or the INDEX for this department
Exit to: The User Group Network front page
Contact: The Editor, Webmaster or Membership Director
* Discuss Photoshop
* Discuss Desktop Publishing
* Critique your Web Site