Finjan Inc. reports that attackers infected at least 10,000 trusted web sites with malware last month using the Random.JS Trojan toolkit.  Random.JS is an exceptionally sneaky Trojan that infects the targeted machine and sends data from the machine back to the attackers controlling it via the Internet.  The information that is stolen includes documents, passwords, surfing habits and other forms of compromising information.

“Random.JS uses varying methods to remain undetected and keep spreading,” he said. “It is able to break antivirus signatures and store malware on legitimate sites.” The Random.JS toolkit is a piece of JavaScript code that morphs every time it is accessed, Ben-Itzhak said. As a result, it’s nearly impossible to detect with traditional signature-based anti-malware products.

The Random.JS attack is performed by dynamic embedding of scripts into a Web page, he said. It provides a random filename that can only be accessed once and is done in such a selective manner that when a user receives an infected page once, it will not be referenced again on further requests. This method prevents detection of the malware in later forensic analyses.

The list of attack toolkits includes MPack, NeoSploit, IcePack, WebAttacker, WebAttacker2 and MultiExploit, along with newer toolkits like Random.JS, vipcrypt, makemelaugh and dycrypt.

Security vendors warn of the rising use of attack toolkits in recent months.

Are your systems protected?  Let Digital Reach assess your network security strategy.

Smart-phones are set to become the next major security challenge for IT according to a CompTIA survey conducted this year.  The survey polled 1070 small businesses in North America and 60% reported they had seen an increase in security issues related to the use of hand-help computing devices over the last year.  The concern is if businesses will view the risk as too great a burden to place on their IT departments and will instead ban the use of them within their corporate environments.  Many IT services firms are preparing for a whole new generation of security applications for mobile devices and how to secure access.

These handheld computing devices give workers the ability to work while “on-the-go” by allowing access to key information residing back at the work or home office.  But, this simple access to information is creating a growing set of security concerns for companies.  Mobile users requesting access to the company network remotely is a potential security threat.  The fear is that a virus could potentially jump from phone to phone to network much like pc-to-pc worms and viruses have done in the past.

Business-oriented smart-phones come from the manufacturer with decent built-in protection like encryption and firewalls.  But, smart phones geared more toward the consumer market have far fewer safety features in place.

To learn more about data security and data protection, click here.

According to a new survey by ILM Audit 2007, data archiving and disaster recovery are likely to lead the storage related IT concerns for 2008.  The Audit reveals that IT departments top five storage related concerns are:

1. Disaster Recovery
2. File Archiving
3. Email Archiving
4. Data Backup
5. Database Archiving

59% percent of IT departments credit Disaster Recovery as their top concern for data storage related considerations.  The report further announced that 84% of IT executives stated that storage vendors should be doing more to improve the energy efficiency of their products. The issue brings us the “green” storage topic which is expected to gain even larger ground in 2008 and beyond.

In addition to the top 5 storage concerns were: Continuous Data Protection, Encryption of Archived Data, Storage Management/ILM, Storage Resource Management, and Secondary Storage Consolidation.

According to the report, the proportion of companies holding over 1TB on primary storage has increased from 59% in 2006 to 73% in the 2007 ILM Audit. And at the top end, one in five (21%) of all companies are now holding over 10TB of data on primary storage. But the research also reveals that between 30 to 50 percent of data held on primary storage is inactive and unlikely to be accessed again.

When asked what factors are driving interest in data archiving, the top issue highlighted by the survey sample was disaster recovery followed by regulatory compliance and data growth.

Discover why companies in Texas and beyond trust Digital Reach with for Data Backup, Storage, and Recovery.

Email Spammers launch DOS attacks against antispam sites

Antispam sites that help battle phishing scams and spam are now being targeted with DOS attacks ( Denial of Service ) by malware botnets operated by spammers according to antispam site SpamNation.

SpamNation believes that the denial of service attacks are being launched by the Zhelatin gang, a group that is thought to be behind the Storm Worm Botnet.  According to the SpamNation report, the botnet operators are selling denial of service attacks.

The power of the Storm botnet is thought to have surpassed that of all major supercomputers.  The rate at which the botnet is evolving is extremely unsettling, and one can only wonder what kind of sites will be targeted with DOS attacks as it continues to grow in size.

Data Security and Protection is just one of the solutions offered by Digital Reach, Inc. To learn more about Digital Reach’s IT Outsourcing Solutions, click here.

Richardson IT Support services. Richardson IT Outsourcing solutions.

This past month, spammers developed a new variation of the “pump-and-dump” stock spam campaign in which text, Excel, and PDF files containing a spam message were zipped and sent as attachments to email messages.  Spammers attempted to bypass text and image scanning engines in email security products by using compressed files that required the use of ZIP file utilities to decompress the attachment. 

Barracuda Central quickly detected various forms of the ZIP file spam campaign, many of which resembled the image spam attacks introduced in 2006.  Utilizing the Barracuda Spam Firewall’s sophisticated spam scoring engine, reputation technology and fingerprint analysis to detect known spam techniques within the message and its attachments, the message is given a score and acted on accordingly.  Using these techniques, along with enhancements to Barracuda Networks Optical Character Recognition (OCR) technology, the Barracuda Spam Firewall effectively blocked ZIP files containing spam content.  To view samples from this ZIP file spam campaign, visit: http://www.barracuda.com/trends/zipspam.

Just as Barracuda Networks was the first major appliance vendor to introduce OCR technology in 2006 and PDF spam filtering techniques earlier this summer, the Barracuda Spam Firewall was the first to utilize a comprehensive scanning approach to successfully block this latest “pump-and-dump” stock spam campaign.

To find out more about how our clients are protected, click here.

Forrester Research recently reported that the majority, as high as 85 percent, of security breaches involve internal employees.  These include inadvertent employee error, laptop theft, contractor unauthorized access, disgruntled employees and password mismanagement.  These factors can have a drastic impact on revenue, liability, productivity and brand.

What are these threats and how can you avoid them?

Phishing

Phishing is an email that “looks” like the real thing but is far from it.  It is a means to gather trust from the receiver in hopes of collecting sensitive login information, banking account numbers, credit card numbers, and a host of other personal information including phone numbers, SSN numbers and addresses.

“These days a phishing attack is almost indistinguishable from the real thing,” says Paul Stamp of Forrester Research.

Employees mistakenly disclose confidential information including passwords and financial data to the attackers.  These internal employees are essentially opening a company up to criminal activity.

Laptop Theft

Leaving your laptop at the coffee shop, airport, hotel or restaurant can have greater consequences than merely being an inconvenience. The loss of a computer or data-storage device made up 54% of all identity theft-related data breaches in 2006 according to Symantec.

The theft can minimized should it occur.  Companies should require employees to protect their laptops with a startup password.  Also, deleting old emails, text messages and unwanted files should be put into practice.  It is also a good idea to make use of the device’s built-in encryption capabilities and password protection features.

Disgruntled Ex-Employees

Research has revealed that it can take up to 4 months to remove user rights of a former employee. Many IT administrators are simply too time-strapped to actively update users access and privileges. This delay can seriously endanger the security of mission-critical applications.

Digital Reach offers solutions that automate policy enforcement and delegate administration for user provisioning.  This helps maintain security levels while managing large numbers of users.

Missing Security Patches

Many IT administrators are simply too overburdened to ensure that they have the latest updates and patches in place for their systems.  As a result, viruses succeed in penetrating their IT environment.  If you are not up to date with the latest anti-virus detections, you  are clearly at risk for some of the latest threats.

Patch management solutions from Digital Reach can greatly ease the burden on today’s administrators.  These solutions automates system discovery, patch assessment, and patch installation on both workstations and servers.

Data Leakage

Joke emails, web link forwards, photos of friends and family not only hurt a companies productivity but can also serve to leak sensitive data.  Data leakage is primarily the result of malicious employee activities or more common, non-malicious employee error. The most innocent of correspondences can result in trouble. Example: an email message sent to a co-worker can offend leading to legal liability.

Installing strict usage policies can prohibit employees from sending sensitive information via insecure email.

Help increase your productivity and reduce your costs with a more secure, well-managed infrastructure.

Your IT infrastructure can help boost productivity, lower costs and complexity, and contribute more to the success of your business. Relying on integrated and familiar technologies like Microsoft System Center for systems management and the Microsoft Forefront family of security products, we can help you enhance your infrastructure and make your people and your company more secure and more efficient. 

Let us help you:

+ Improve Security. Get an optimized IT infrastructure that automatically helps identify, prevent, and respond to threats.

+ Simplify Infrastructure Management. Get a central management console that you and your people can access and utilize from virtually anywhere.

+ Reduce Costs and Complexity. Get the ability to centralize administration and local backup so your company invests less time managing complexity and security, and more time capitalizing on its increased efficiency.

+ Enhance Productivity. Ensure your infrastructure enables information workers to be more productive.

For more information about our specific solutions, contact Digital Reach Inc. today!

Security Messaging
Enhance your protection against spam, hackers, and viruses, using powerful and familiar Microsoft technologies, including the Microsoft Forefront family of security products. Stay focused on supporting the business- not worrying about your security.

Systems Management Messaging
Simplify the management of your infrastructure and make your business more efficient, using integrated and familiar Microsoft technologies including Microsoft System Center management products.

Current networks are designed to leave sensitive content scattered throughout a company’s infrastructure and beyond the control of network administrators.

Future networks must manage the exchange of content and the access of that content.

New regulations are breeding an entirely new issue C-Level executives and network administrators must consider: corporate governance.  Although it is not a new topic, it has taken on a whole new significance in recent years.  Public corporations have become much more common and shareholders are more savvy demanding more consequences for inefficiences in management.  After the collapse of some well known corporate giants, companies are learning that the trust of their customers, employees and stakeholders can take years to win and only minutes to lose.

Technology creates an opportunity to gain the trust of those you seek but can also “bite the hand that feeds it”.  The same technologies - email, instant messaging, compliance control, virus protection, network efficiency - can also create enormous risk if poorly implemented or mismanaged. 

“Ultimately, information security is not soley a technical issue, but a corporate governance challenge,” a recent Business Software Alliance report found. “While there is broad consensus on the actions needed to create strong security, too often responsibility is left to the chief information officer or the chief information security officer. In fact, strong security requires the active engagement of executive management. By treating these challenges as a governance issue and defining specific tasks that employees at all levels of an organization can discharge, enterprises can begin to create a management framework that will lead to positive results.”

The report went on to report that CIOs may “suffer conflicting demands with regard to IT functionality and may not be in a position to leverage the resources and authority necessary to address the problem across multiple business lines or divisions.” 

Need help? Digital Reach can help you meet these new levels of data and network security requirements without putting additional strains and workloads on your network engineers and administrators.