Software Industry Announcements and News
McAfee Labs Predicts Facebook, Twitter Will Be Platforms of Choice for Emerging Threats
[ Comments Off ] Posted on 12.30.09 under Security & Privacy
McAfee Also Foresees HTML 5 Will Attract Attackers, Increased Trojan Sophistication And That 2010 Will Be a Good Year for Law Enforcement’s Fight Against Cybercrime
SANTA CLARA, Calif.–McAfee Inc. (NYSE:MFE) today unveiled its 2010 Threat Predictions report. McAfee Labs believes cybercriminals will target social networking sites and third-party applications, use more complex Trojans and botnets to build and execute attacks, and take advantage of HTML 5 to create emerging threats. McAfee Labs also predicts 2010 will be a good year for law enforcement’s fight against cybercrime.
“We’re now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we’re confident that 2010 will be a successful year for the cybersecurity community.”
“Over the past decade, we’ve seen a tremendous improvement in the ability to successfully monitor, uncover, and stop cybercrime,” said Jeff Green, senior vice president of McAfee Labs. “We’re now facing emerging threats from the explosive growth of social networking sites, the exploitation of popular applications and more advanced techniques used by cybercriminals, but we’re confident that 2010 will be a successful year for the cybersecurity community.”
McAfee Labs Threat Predictions for 2010:
Social Networks Will Be Platform of Choice for Emerging Threats
Facebook, Twitter, and third-party applications on these sites are rapidly changing the criminal toolkit, giving cybercriminals new technologies to work with and hot spots of activity that can be exploited. Users will become more vulnerable to attacks that blindly distribute rogue apps across their networks, and cybercriminals will take advantage of friends trusting friends to get users to click on links they might otherwise treat cautiously. The use of abbreviated URLs on sites like Twitter make it even easier for cybercriminals to mask and direct users to malicious Web sites. McAfee Labs predicts that cybercriminals will increasingly use these tactics across the most popular social networking sites in 2010.
Web Evolution Will Give Cybercriminals New Opportunities to Write Malware
The release of Google Chrome OS and the technological advancements of HTML 5 will continue to shift user activity from desktop to online applications, creating yet another opportunity for malware writers to prey on users. HTML 5’s anticipated cross-platform support also provides an additional motivation for attackers, enabling them to reach users of many mainstream browsers.
Banking Trojans, Email Attachments Delivering Malware Will Rise in Volume, Sophistication
McAfee Labs warns that banking Trojans, having demonstrated new tactics in 2009, will become even more sophisticated in 2010 and easily get around current protections used by banks. New techniques include a Trojan’s ability to silently interrupt a legitimate transaction to make an unauthorized withdrawal and simultaneously check the user’s transaction limits to stay below them and avoid alerting the bank. Email attachments, a longstanding delivery method for malware, will continue to rise in volume and increasingly target corporations, journalists, and individual users.
Cybercriminals Continue to Target Adobe Reader, Flash
In 2009, McAfee Labs saw an increase in attacks targeting client software. Due to the growing popularity of Adobe applications, McAfee Labs expects that cybercriminals will continue to target Adobe products, primarily Acrobat Reader and Flash, two of the most widely deployed applications in the world. McAfee Labs expects Adobe product exploitation will likely surpass that of Microsoft Office applications in 2010.
Botnet Infrastructure Shifts from Centralized Model to Peer-to-Peer Control
Botnets, the versatile infrastructure that launches nearly every type of cyberattack from spamming to identity theft, will continue to use a seemingly infinite supply of stolen computing power and bandwidth around the globe. Following a number of successful botnet takedowns, including the McColo ISP, botnet controllers must adjust to the increasing pressure cybersecurity professionals are placing on them. In 2010, McAfee Labs expects to see a significant adoption of peer-to-peer control, a distributed and resilient botnet infrastructure, rather than the centralized hosting model that we see today. For cybercriminals, the benefits will finally outweigh the costs of the peer-to-peer model, due to the security community’s increasingly aggressive attempts to shut down and deny access to botnets.
Cybercrime: A Good Year for Law Enforcement
Next year marks a decade in the fight that international law enforcement agencies have undertaken against cybercrime. McAfee Labs has seen significant progress in the universal effort to identify, track, and combat cybercrime by governments worldwide. McAfee believes that in 2010 we’ll see many more successes in the pursuit of cybercriminals.
For a full copy of the 2010 McAfee Labs Threat Predictions, please visit: http://www.mcafee.com/us/local_content/white_papers/7985rpt_labs_threat_predict_1209_v2.pdf
About McAfee, Inc.
McAfee, Inc., headquartered in Santa Clara, California, is the world’s largest dedicated security technology company. McAfee is committed to relentlessly tackling the world’s toughest security challenges. The company delivers proactive and proven solutions and services that help secure systems and networks around the world, allowing users to safely connect to the Internet, browse, and shop the web more securely. Backed by an award-winning research team, McAfee creates innovative products that empower home users, businesses, the public sector, and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. http://www.mcafee.com.
BBB, FTC, and Visa Partner to Educate Consumers about Online Scams
[ Comments Off ] Posted on 12.25.09 under Government News, Security & Privacy
Twenty-nine percent of online U.S. consumers victimized by deceptive marketing
Washington, DC – December 17, 2009 – Today Better Business Bureau joined the Federal Trade Commission and Visa Inc. (NYSE: V) in a press conference to alert consumers to online deceptive marketing practices associated with free trials with a negative option feature. According to a Visa survey, 29 percent of American consumers have fallen victim to deceptive marketing when unscrupulous e-commerce merchants require them to cancel or opt-out of a recurring charge for future products or services.
With free trials with a negative option feature, a company takes a consumer’s failure to cancel as permission to begin charging. While many merchants use this billing process appropriately, others pre-check consent boxes, bury the details of the offers in the terms and conditions and make cancellations or returns difficult, catching consumers in a cycle of recurring charges for products and services they do not want.
“Most e-commerce merchants care about their customers and conduct business fairly, but even a few bad actors can cause consumer distrust,” said William M. Sheedy, Group President, The Americas, Visa Inc. “We want to let consumers know more about the protections they have against these types of practices and how to pursue a reversal of charges if they’ve been charged improperly.”
Visa monitors its payment network to identify merchants with excessive levels of cardholder disputes which may indicate the use of deceptive marketing practices. In fact, merchants who use deceptive marketing practices have up to 20 times as many consumer disputes as the average e-commerce merchant. Visa requires the merchant and its bank to take corrective action to reduce excessive consumer disputes, or risk termination of Visa acceptance privileges.
According to Better Business Bureau, consumers should research the business before they buy. “Online trial offers for acai berry supplements, colon cleanser and detox products, teeth whiteners, free government grants and debt consolidation services may sound risk-free, but BBB has received thousands of complaints from people who learned the hard way that a free trial can cost a lot of money in the end,” said Steve Salter, Vice President of BBBOnline. “Before handing over debit or credit card numbers to any business online, shoppers should always check the company’s Reliability Report® first with BBB.”
Visa, the FTC and BBB offers tips to online shoppers on how to spot deceptive free trial offers and deceptive negative option features, and how to deal with unauthorized charges:
* Take time to read and understand all terms and conditions, so a free trial doesn’t turn into a costly purchase you didn’t intend to make.
* Pay particular attention to any pre-checked boxes before you submit your payment card information for an order. Failing to un-check the boxes may bind you to terms and conditions you’re not interested in.
* Review card statements when you get them for any unauthorized charges, and notify the card issuer promptly of any unusual activity or unauthorized charges.
* Try to resolve the situation with the merchant. If you’re unsuccessful, contact the card issuer immediately to dispute the charge.
David Vladeck, Director of the Bureau of Consumer Protection said, “Online shoppers: If you see charges on your statement or debits that you didn’t authorize, fight it. Start by contacting the merchant. If you are unable to contact the merchant or they can’t or won’t help, call your card issuer and then file a complaint with the FTC. You can do that online at ftc.gov or by phone at 1-877-FTC-HELP.”
The FTC has outlined five principles regarding the appropriate use of negative options, which call for:
* Disclosing material terms in an understandable manner, without making them unnecessarily long or inconsistent;
* Making the disclosures clear and conspicuous by placing them where consumers are likely to look on Web pages, by labeling disclosures (and links to them) to indicate their importance and relevance, and by using easy-to-read fonts and colors;
* Disclosing the offer’s material terms before the consumer incurs a financial obligation;
* Getting consumers’ affirmative consent to the offer by, for example, having them click “I Agree” And without relying on pre-checked boxes;
* Not impeding the effective operation of promised cancellation procedures and honoring cancellation requests that comply with such procedures.
Consumers who think they’ve been victims of deceptive marketing and who haven’t been able to resolve the issue directly with the merchant should call their card issuer to dispute the charge. They also may report their experiences to the FTC at www.ftc.gov/complaint or their local BBB at www.bbb.org. More information is available at www.visa.com/negativeoption.
Pop-up Advertisements Offering Anti-virus Software Pose Threat to Internet Users
[ Comments Off ] Posted on 12.23.09 under Government News, Security & Privacy
An ongoing threat exists for computer users who, while browsing the Internet, began receiving pop-up security warnings that state their computers are infected with numerous viruses.
These pop-ups known as scareware, fake, or rogue anti-virus software look authentic and may even display what appears to be real-time anti-virus scanning of the user’s hard drive. The scareware will show a list of reputable software icons; however, the user cannot click a link to go to the actual site to review or see recommendations.
The scareware is intimidating to most users and extremely aggressive in its attempt to lure the user into purchasing the rogue software that will allegedly remove the viruses from their computer. It is possible that these threats are received as a result of clicking on advertisements contained on a website. Cyber criminals use botnets to push the software and use advertisements on websites to deliver it. This is known as malicious advertising or malvertising.
Once the pop-up appears it cannot be easily closed by clicking “close” or the “X” button. If the user clicks on the pop-up to purchase the software, a form is provided that collects payment information and the user is charged for the bogus product. In some instances, whether the user clicks on the pop-up or not, the scareware can install malicious code onto the computer. By running your computer with an account
that has rights to install software, this issue is more likely to occur.
Downloading the software could result in viruses, Trojans and/or keyloggers being installed on the user’s computer. The repercussions of downloading the malicious software could prove further financial loss to the victim due to computer repair, as well as, cost to the user and/or financial institutions due to identity theft.
The assertive tactics of the scareware has caused significant losses to users. The FBI is aware of an estimated loss to victims in excess of $150 million.
Be cautious — cyber criminals use easy to remember names and associate them with known applications. Beware of pop-ups that are offering a variation of recognized security software. It is recommended that the user research the exact name of the software being offered.
Take precautions to ensure operating systems are updated and security software is current.
If a user receives these anti-virus pop-ups, it is recommended to close the browser or shut the system down. It is suggested that the user run a full, anti-virus scan whenever the computer is turned back on.
If you have experienced the anti-virus pop-ups or a similar scam, please notify the IC3 by filing a complaint at www.IC3.gov.
SharewareRadio.com interviews PayPal
[ Comments Off ] Posted on 12.22.09 under ASP Member Companies, Development, Web Sites
SharewareRadio.com interviews PayPal
News Reports:
Facebook gives users more control of privacy
AOL goes it alone, at last
Twitter to host developer conference
Google debuts news story experiment
The Kiss My Butt Award of the Week
This week it goes to French President Nicolas Sarkozy
This week’s Interview
This week’s guest is Sven Kappel. Sven is a merchant services sales engineer at PayPal.
This interview was held in Berlin at ESWC 2008
Outlook Recovery by SoftAmbulance: Smooth Outlook Data Recovery
[ Comments Off ] Posted on 12.19.09 under Development
December 18, 2009 – SoftAmbulance Data Recovery announces the release of SoftAmbulance Outlook Recovery. This new solution recovers deleted or corrupted Microsoft Outlook files and databases, first providing the user with the preview of repairable data. Outlook Recovery is able to repair as much data as possible: messages, attachments, address books and calendar entries. The straightforward step-by-step interface is the example of clarity and convenience.
The new recovery tool by SoftAmbulance Data Recovery is designed for smooth and comprehensive recovery of Outlook databases, which have been deleted, lost, or damaged due to hard drive crash or power failure. SoftAmbulance Outlook Recovery is able to locate the databases automatically on any drive or memory device, even if it is damaged and, consequently, not readable. Corrupted databases go through careful repair process, so that all messages, attachments, address books, etc. are repaired.
Besides, Outlook Recovery supports export of Outlook data to .PST, .OST, .DBF and .EML formats, so that the recovered databases can be used with programs other than Microsoft Outlook (e.g. Outlook Express or any e-mail application supporting .EML files).
To check if Outlook Recovery is powerful enough to recover necessary files, one should use the preview feature: it displays all that can be recovered including archive contents and pictures. Before purchasing the license it is recommended to download the trial edition and to try it out.
Pricing and Availability
SoftAmbulance Outlook Recovery is compatible with Windows 95, 98, ME, 2000, XP, Vista, 2003 and 2008 Server. It can also recover databases in Microsoft Outlook 2003 and 2007 formats. A single-user license costs 79.95 USD. Further information on the product, as well as its free trial edition, is available at http://softambulance.com/outlook_recovery_pst/outlook_recovery_features.php
About SoftAmbulance
Founded in 2005, SoftAmbulance Data Recovery Company is a software developer specializing in convenient yet powerful recovery tools for home users. The major products by SoftAmbulance are Partition Doctor, File Recovery and Photo Undelete. For more information on the company and its products please visit http://softambulance.com
SharewareRadio.com interviews WinRAR’s Burak Canboy
[ Comments Off ] Posted on 12.19.09 under ASP Member Companies, Web Sites
SharewareRadio.com – Dec. 3 – WinRAR Interview
News Reports:
Intel puts cloud on single megachip
Malware causes black screens: Microsoft
EFF sues feds for info on social-network surveillance
‘Spam gang’ leader faces $15m fine
British hacker could be extradited to US
The Kiss My Butt Award of the Week
This week it goes to the British Judge Hetherington
This week’s Interview
This week’s guest is Burak Canboy. Burak’s company is WinRAR.
This interview was held in Boston at SIC 2009.