Archive for February 28, 2012

RB | February 28, 2012
No comments

Romney Defeats Gingrich in US Spam Primaries

SPAMJust in time to get rid of all the annoying political ads on TV and radio leading up to the Michigan primary, GOP presidential wannabe Mitt Romney has been crowned King of political spam. His high-profile run as the leader for the 2012 nomination for the US presidential election has made him popular with spammers.

GOPMitt Romney, is also the favorite politician of spammers touting knockoff drugs and dubious bargains in junk e-mail according to a Bitdefender analysis of 8 million unsolicited messages spread in January.

Romney is mentioned in 45 percent of spam messages that reference US politics, ahead of second-placed Republican Newt Gingrich, who scored 33 percent,

SPAMRomney’s name was most often used in scam messages that advertise low-interest loans or free credit score analysis while Gingrich was mentioned in junk mail promoting miraculous energy-saving devices that almost certainly don’t exist. The article says most of these offerings actually redirect the unwary user to survey site scams or knockoff drugs for sexual dysfunctions.

US Republican hopeful Ron Paul came third in the BitDefender spammers’ list, with 12.18 percent. The most popular politician outside the Republican race that caught the spammers’ attention this year was Bill Clinton, with 3.99 percent.

Mitt Romney“Winning Most-Mentioned Politician in Bitdefender’s spam survey is probably not an honor that many politicians want,” said Bitdefender E-Threats Analyst Bogdan Botezatu, who coordinated the spam study. “And I don’t think we’ll see spammers suddenly turning into political pundits. But the results could tell us which politicians spammers think are most likely to get a reaction from random e-mail readers. Spammers are, ultimately, after money and they’re essentially making a bet on popularity when they favor one politician’s name over another.”

The author says spam messages often use names of celebrities or politicians in fragments of news items in trying to give credibility to the message and to trick antispam filters that look for the percentage of links versus other words in the message.

In the BitDefender overall analysis of spam not filtered to include only political references – the Republican politicians were handily beat by celebrities including Jay Leno, Eva Longoria, Kobe Bryant, and even political commentator Rush Limbaugh.

rb-

I wrote about spammers hijacking celeb’s identities to spread spam. In the past, Jay Leno  and Heidi Klum have been called the most dangerous celebs on the web.

 

Related articles
Category: Politics, Security | Tags: , , , , , , ,
RB | February 23, 2012
One comment

McAfee Labs 2012 Threat Predictions

Crystal ballComputer security company McAfee unveiled its Threat Predictions report (PDF), outlining the top cybersecurity threats organizations and individuals are likely to face in 2012. McAfee, a wholly owned subsidiary of Intel (INTC), says that for the most part, 2012 looks like it will look like 2011 only worse, with many of the recent threats gaining momentum. Here are the predictions:

Industrial Attacks: Cybercriminals will target Water, electricity, oil and gas utilities. These are essential services to everyday lives, yet many industrial systems are not ready for cyberattacks according to McAfee. Many of the environments where SCADA (supervisory control and data acquisition) systems are deployed don’t have stringent security practices. McAfee predicts attackers will leverage this lack of preparedness with greater frequency, if only for blackmail or extortion in 2012.

Legalized Spam: McAfee Labs says global spam volumes have declined in the past two years. However, legitimate advertisers are picking up where the spammers left off using the same spamming techniques, such as purchasing third-party email lists or databases from companies going out of business. McAfee Labs expects to see this “legal” spam and the technique known as “snowshoe spamming” to continue to grow at a faster rate than illegal phishing and confidence scams.

Mobile Threats: 2011 has seen the largest levels in mobile malware history, McAfee Labs expects that continue in 2012. They expect mobile attackers to improve on their skill set and move toward mobile banking attacks. Techniques previously dedicated for online banking, such as stealing from victims while they are still logged on while making it seem that transactions are coming from the legitimate user, will now target mobile banking users. McAfee Labs expects attackers will bypass PCs and go straight after mobile banking apps, as more and more users handle their finances on mobile devices.

Ames automatic governorEmbedded Hardware: Embedded systems are designed for a specific control function within a larger system, and are commonly used in automotive, medical devices, GPS devices, routers, digital cameras and printers. McAfee Labs expects to see proofs-of-concept codes exploiting embedded systems to become more effective in 2012 and beyond. This will require malware that attacks at the hardware layer, and will enable attacks to gain greater control and maintain long-term access to the system and its data. Sophisticated hackers will then have complete control over hardware.

Cyber terrorCyberwar: Countries are vulnerable due to massive dependence on computer systems and a cyberdefense that primarily defends only government and military networks. Many countries realize the crippling potential of cyberattacks against critical infrastructure, such as water, gas and power, and how difficult it is to defend against them. McAfee Labs expects to see countries prove their cyberwar capabilities in 2012, to send a message.

SSL Certificate keysRogue Certificates: Organizations and individuals tend to trust digitally signed certificates, however, recent threats such as Stuxnet and Duqu used rogue certificates to evade detection. McAfee Labs expects to see the production and circulation of fake rogue certificates increase in 2012. Wide-scale targeting of certificate authorities and the broader use of fraudulent digital certificates will affect key infrastructure, secure browsing and transactions as well as host-based technologies such as whitelisting and application control.

Greedy politicansLegislative Issues: DNSSEC (Domain Name System Security Extensions) are meant to protect a client computer from inadvertently communicating with a host as a result of a man-in-the-middle attack. Governing bodies around the globe are taking greater interest in establishing “rules of the road” for Internet traffic, and McAfee Labs expects to see more and more instances where future solutions are hampered by legislative issues.

Occupy wall stHacktivism: McAfee Labs predicts that in 2012 digital disruptions like Anonymous will join forces with physical demonstrators and will target public figures such as politicians, industry leaders, judges and law-enforcement, more than ever before.

Virtual Currency: McAfee Labs expects cybercurrency will be an attractive target for cybercriminals.  to see threats evolve to steal money from unsuspecting victims or to spread malware.

Hardware Attacks: McAfee Labs expects to see more effort put into hardware and firmware exploits to create persistent malware in network cards, hard drives and even system BIOS (Basic Input Output System). and their related real-world attacks through 2012.

Related articles

Category: Security | Tags: , , , , , , ,
RB | February 21, 2012
No comments

Michigan H1-Bs

MichiganThe Michigan Department of Management, Labor and Technology reports that the December 2011 unemployment rate was 9.3%.This equated to 431,490 known people without a job.  Despite nearly half a million people looking for work, the web site MyVisaJobs.com reports that Michigan icons like the University of Michigan, Wayne State University, Michigan State University, General Motors (GM) and Henry Ford Health Systems filed for nearly 8,300 H-1B visas with an average wage of $74,964

RankH1B Visa SponsorH1B Visa PetitionsAverage Salary
1University of Michigan375$61,708
2Wayne State University152$63,743
3Michigan State University125$61,521
4General Motors93$87,037
5Henry Ford Health System74$79,582
6DMC Education & Research66$63,154
7Jawood Business Process Solutions, Llc50$75,564
8HCL Systems, Inc47$62,415
9The Dow Chemical45$97,600
10Chrysler Group Llc35$84,353
11Michigan Technological University34$66,405
12Whirlpool32$91,028
13Altair Product Design, Inc32$76,441
14Kyyba, Inc.30$56,563
15Engineering Technology Associates, Inc28$61,074

rb-

University of MichiganAs a Michigan Alumni I often wonder about U of M’s commitment to Michigan under President Coleman.

I wrote about the record-setting pace business are shaping up H-1B visa’s here.

Apparently Michigan firms are on the same track. Even Obama is now talking about American’s taking care of Americans, so the oppostion must be against that, so even more outsourcing?

Related articles
Enhanced by Zemanta
Category: Business, Michigan, Out-sourcing | Tags: , , , , , ,
RB | February 18, 2012
2 comments

Black Sabbath on Tesla Coils

Rock and roll BoingBoing says that if you need an explanation why you should spend 1:26 watching ArcAttack perform a Tesla Coil version of Iron Man by Black Sabbath, you are in the wrong place.

ArcAttack is playing Black Sabbath on MIDI-compatible Tesla coils standing in a Faraday suit. The MIDI signal from the guitar is routed through a fiber optic cable to control the Tesla coils according to BoingBoing.

Related articles
Category: Fun | Tags: , , , ,
RB | February 16, 2012
No comments

Better Mobile Security

Mobile securityMobile device users should be concerned about security. This is especially true if the mobile device is used for work and it is configured with your employer’s email or messaging server. IT staffs can take steps to protect the date on the mobile. Eric Geier, the founder of NoWiresSecurity writes provided CIO Update with 6 tips for better mobile device security.

EncryptionTip No. 1 – Choose a mobile OS that supports encryption and use it: Mr. Greer says make sure the mobile operating system (OS) and device supports hardware-based encryption. The article says Apple’s (AAPL) iOS and Research In Motion’s (RIMM) BlackBerry support encryption for both internal and external storage. Without encryption it’s possible that someone could recover the data on the device even without your lock PIN or password.

Full device encryption is limited and varies on current Android device manufactures. Mr. Greer writes that Motorola Mobility’s (MMI) business-oriented smartphones offers encryption capabilities on Android 2.3. Android 3.x includes an API to help developers offer encryption on tablets. Android 4.x tablets and smartphones should support encryption sometime in 2012. WhisperCore is a third-party encryption solution which is in beta for Nexus S and Nexus One.

PasswordsTip No. 2 – Set a lock pin or password: The article says that enabling a password, whether it’s called a PIN, passcode, or passphrase, is the first line of defense in maintaining privacy and security. It helps prevent others from picking up your phone or device and snooping around if it becomes lost, stolen, or just left unattended. It’s also usually required if encryption is enabled on the device writes the author. A PIN will protect data and privacy from the causal snoopers.

Tip No. 3 – Enable auto-wiping of data: Most mobile OSes support automatic wiping of the device’s data after a certain number of incorrect passwords attempts. Mr. Greer says auto-wiping is natively supported by iOS, Windows Phone 7, and BlackBerry. Android requires a third-party app, such as Autowipe.

It is important to keep all your data regularly backed up so the data can be restored to a new mobile after it is wiped.

Mobile device managementTip No. 4 – Setup remote tracking and management: Before your phone or device gets misplaced or stolen the blog recommends that a remote tracking and management system should be set up. Most let you see the device’s GPS location on a map, send audible alerts to help you find it, and display a visual message to tell others how to return it. They typically also let you remotely lock and/or wipe it before someone else gets their hands on it. According to Mr. Greer:

Wireless Wi-Fi hotspotTip No. 5 – Limit Wi-Fi hotspot usage: When you use public Wi-Fi hotspots that aren’t encrypted, all your Internet traffic is transmitted through the air and can be easily intercepted. The most important sites and services, such as banking websites, usually implement their own (HTTPS/SSL) encryption that protects their individual traffic. But most email providers and many social networking sites don’t; thus eavesdroppers can likely capture their passwords and traffic.

On the other hand most 3G, 4G, and other cellular data connections are usually encrypted by the carriers. Plus eavesdropping on these types of connections isn’t as popular. Therefore, when you’re out and about you should try to use the data connection rather unsecured Wi-Fi hotspots.

If you insist on using Wi-Fi hotspots, use those that offer enterprise encryption and 802.1X authentication, such as from T-Mobile and iBahn. Alternatively, consider using a VPN connection to secure your traffic from local eavesdroppers.

Cellphone virusTip No. 6 – Use an antivirus or security app: Viruses, malware, and hacking on mobile devices is a growing problem. The author recommends installing a security app to help prevent infections and intrusions. Most AV solutions also offer other features, such as remote wiping, backup and locating.

Related articles
Enhanced by Zemanta
Category: Mobile, Security | Tags: , , , , , , , , ,
« Older Entries  

Switch to our mobile site