beforeyoukillyourcomputer.com

Social media is increasingly becoming fertile ground for hackers to attack companies with spam and malware, according to a report released Monday by a security firm.

According to a Sophos survey of nearly 500 companies worldwide, the number of firms that reported attacks through social media increased by 70 percent compared with the year before.

IT professionals became more concerned that employees’ everyday actions on social-networking sites are exposing companies to attacks. Sixty percent of interviewees said they were most concerned about security vulnerabilities in Facebook.

Criminals banked on the inherent trust people have on their contacts, said Sophos senior security adviser Chet Wisniewski.

“Social media provides criminals with an opportunity. When I get a message on Facebook from my wife and I see a link, I’m going to click it,” Wisniewski said.

Online lures known as phishing schemes and malware attacks – malicious programs that aim to steal private information or control a victim’s computers – expanded their presence in social media sites by around 10 percent in the past eight months.

Sophos identified 50,000 variants of existing viruses in 2009, almost twice as much as the previous year.

Spam reports, an epidemic that e-mail providers have been considerably effective in staving off through filters, rose 23.6 percent in the same period.

“People reporting spam went from a third to half of all companies. Two out of five are having issues of malware coming from social media,” Wisniewski said.

The troublesome Koobface worm also continued to evolve in sophistication. In 2009, the worm became capable of automatically registering a Facebook account, befriending strangers and posting malicious content on the walls of potential victims, the report said.

Other smaller, regional social-networking sites are also at risk of becoming attack platforms for the theft of consumer or corporate information.

Although a third of the firms said they have blocked Facebook from employees’ computers because it hampers productivity, barring social media entirely is no longer an easy choice as many professionals regularly use social media to stay connected to their customers.

Source ~ San Francisco Chronicle

Enterprise anti-virus vendor Sophos on Aug. 23 released a free rootkit detection and removal tool alongside a warning that the stealthy malware threat is a legitimate security concern for businesses.

Sophos, of Lynnfield, Mass., said its rootkit cleaner offers an easy-to-use interface to scan all running processes, local hard drives and the Windows registry for rootkits.

The company joins a growing list of Internet security vendors adding rootkit-scanning capabilities to their product lines. Finnish anti-virus outfit F-Secure offers the BlackLight rootkit clean-up utility, while BitDefender and others are beta testing similar offerings.

Rootkits are programs that are used to give a remote user persistent access to a compromised system while avoiding detection from security scanners.

Now the company has released a free scanner that promises to identify known rootkits and selects, by default, malicious files for removal. Sophos said the tool will remove the rootkit component of the malware without compromising OS integrity.

The rootkit detection and clean-up tool will allow users to remove unidentified hidden files, but does not allow removal of essential system files when hidden by an identified rootkit.

Once the user runs a scan, Sophos said the screen prompts the user through the necessary steps until every rootkit has been removed.

Download

Source