SEARCH

How-To Geek

Week in Geek: Botnet Epidemic Fueled by Malware Toolkits Edition

at-at-student-driver

This week we learned how to stream media files from any PC to a PlayStation, enable user-specific wireless networks in Windows 7, monitor the bandwidth consumption of individual applications, configure the Linux Grub2 Boot Menu the easy way, “add Dropbox to the Start Menu, understand symbolic links, & rip TV Series DVDs into episode files”, and more.

Photo by leg0fenris.

Weekly News Links

botnet-top-ten-list

Photo by The H Security.

  • Malware toolkits fuel the botnet epidemic
    In a current report, anti-botnet specialists at Damballa write that the number of bot-infected PCs worldwide increased sevenfold within a year. The researchers consider that the expansive growth in 2010 was caused by the increasing availability of “exploit packs” and trojan toolkits.
  • Speculations over the price of exploits on the black market
    In a recent interview, Matt Moynahan, the CEO of security firm Veracode, said an exploit for Adobe software is worth up to $5 million on the black market. However, more realistic estimates place prices in the region of $100,000.
  • Fighting spam and scams on Twitter
    Twitter presents a relatively new frontier for spammers, malware creators, and all around bad guys, which in turn has created the opportunity for security researchers and vendors alike to try to figure out, and put a stop to, their efforts.
  • Symantec report focuses on threat of targeted attacks
    In the world of security, targeted attacks should be a real concern–and extremely worrisome–to organizations around the world, Symantec said in a new quarterly report on attacks on critical infrastructure.
  • My Sweet Valentine – the CIFS Browser Protocol Heap Corruption Vulnerability
    On Valentine’s Day, an anonymous researcher announced a previously undisclosed SMB (Server Message Block) vulnerability affecting the CIFS (Common Internet File System) browser service. Along with the vulnerability, the researcher also posted Proof-of-Concept (PoC) exploit code showing exactly how to exploit the vulnerability, triggering a blue screen in kernel mode.
  • Microsoft still using undercover patches
    Microsoft updates regularly contain fixes for security vulnerabilities which are not listed in its security bulletins. Microsoft defends these ‘silent updates’, as they are known within the security community, in a blog posting by its Security Research & Defense team.
  • Winamp Forums Security Breach FAQ
    Security for the Winamp forum database was breached this past week, allowing the user forums to be compromised along with exposing accounts and email addresses.
  • Report: Canadian cyberattack traced to China
    A cyberattack against Canada that tried to access classified government information and forced two key departments to go offline has been traced back to China, according to a story from CBC News.
  • Stuxnet: five companies used as spring-boards
    In an updated version of its Stuxnet dossier, Symantec writes that ten initial infections via five consecutive attacks were the starting points for the propagation of the Stuxnet worm.
  • Stuxnet expert: other sites were hit but Natanz was true target
    Stuxnet may have hit different organizations, but its main target was still the Natanz nuclear enrichment plant in Iran, said an expert who has analyzed the code.
  • Symantec: Stuxnet 2.0 unlikely
    The Stuxnet worm may have stole the IT security limelight last year but a second wave of attacks is unlikely to take place, according to Symantec.
  • NSA chief wants to protect ‘critical’ private networks
    The head of the National Security Agency (NSA) said that the U.S. military should have the authority to defend “critical networks” from malware and other disruptions.
  • Internet ‘kill switch’ bill gets a makeover
    A Senate proposal that has become known as the Internet “kill switch” bill was reintroduced this past week, with a tweak its backers say eliminates the possibility of an Egypt-style disconnection happening in the United States.
  • White House undecided about data retention law
    The Obama administration has not yet taken a position on whether a law is needed to force Internet providers to keep track of what their customers are doing, a White House official said.
  • Rapid tech adoption overwhelming security staff
    Information security professionals are overwhelmed by the rapid deployment of new technologies in the workplace, potentially putting government agencies, businesses and consumers at risk, reveals a new study released this past Friday.

Random TinyHacker Links

dirty-secrets-of-seo

Super User Questions

If you have questions, then Super User has the answers that you are looking for. Here are some of our favorites from this past week’s top questions.

super-user-logo

How-To Geek Weekly Article Recap

Heat up your afternoon reading with our top articles from this past week.

hot-topics-logo

One Year Ago on How-To Geek

This week we have an awesome batch of retro Home Server goodness gathered together for your enjoyment.

windows-home-server

How-To Geek Comics Weekly Roundup

official-how-to-geek-comics-logo

The Geek Note

That finishes things up here for this edition, so take some time to relax if you can before heading back to work and school this week.  Remember to keep sending those great tips in to us at tips@howtogeek.com!

smiling-in-the-snow

Photo by Tom Caswell.

Akemi Iwaya (Asian Angel) is our very own Firefox Fangirl who enjoys working with multiple browsers and loves 'old school' role-playing games. Visit her on Twitter and .

  • Published 02/20/11

Comments (1)

  1. Adrian Haywood

    I am not receiving my daily email.

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!