Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Threat Landscape Report Sees Spam Return After Botnet Takedown

Fortinet : 08 July, 2011  (Technical Article)
Fortinet's threat landscape report focuses on the returned high levels of spam and the Fraudload.OR virus

Fortinet has released its latest Threat Landscape report, which details data breaches and attacks such as Sony Europe being hit by another SQL injection attack, the International Monetary Fund (IMF) suffering a critical data breach, hacktivism group LulzSec’s continued attack on the US government and the rise of spam despite a three month decline.


The most prominent virus FortiGuard Labs detected during the month of June was, once again, Fraudload.OR, which frequently disguises itself in the form of fake antivirus software, though it also has the ability to download other Trojans and malware to an infected user’s system. Fraudload.OR accounted for more than one third of new malware incidents during the last few weeks.


Fraudload.OR has been very active for nearly two months, no doubt fuelled by the success FakeAV loaders like Fraudload.OR have realized. Recently, bank accounts belonging to a FakeAV operator were frozen by the US District Attorney. Nearly $15M USD was in those accounts, highlighting the wealth such operators can achieve using a scam that is now well over three years old.


Also at the top of the attack charts was MS.IE.CSS.Self.Reference.Remote.Code.Execution (CVE-2010-3971). This vulnerability affects Internet Explorer 8 and earlier versions and is triggered simply by viewing a webpage that hosts a malicious CSS style sheet. Most activity for this attack was observed mid-month particularly in Algeria and South America.


“We are indeed entering a new era of cybersecurity, one where proactive measures are being put in place and this month’s attacks show the importance of keeping patches up-to-date to help avoid exploitation by malicious code,” said Derek Manky, senior security strategist at Fortinet. “It’s also important to employ an IPS solution to help block malicious code looking to exploit vulnerable software and a Web application firewall to help protect your public facing digital assets.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo