Posted 20 May 2013 - 01:39 PM
Inside the "PlugX" malware with SophosLabs - a fascinating journey into a malware factory..
by Paul Ducklin on May 20, 2013
Join SophosLabs Principal Researcher Gabor Szappanos (Szappi) as he takes you on a fascinating journey into the PlugX malware factory.
This is a malware family that keeps evolving as the criminals in charge of it churn out new variants.
Just like legitimate software, malware has major version upgrades and point releases.
In this paper, Szappi looks at the recently-released Version 6.0 of the PlugX malware framework.
You'll enjoy Szappi's paper because it's not so technical as to get bogged down in researcher-only jargon, yet not so high-level as to skip over the details that help you to understand how virus writers think.
Szappi writes clearly and logically, taking apart and explaining the numerous and deliberately-distinct phases in the malware's infection mechanism. (More...)
Read the complete article/paper at: http://nakedsecurity.sophos.com/2013/05/20/inside-the-plugx-malware-with-sophoslabs-a-fascinating-journey-into-a-malware-factory/
People sleep easy in their beds at night only because
rough men stand ready to visit violence on those who
would do them harm. ~~ Orson Wells
Posted 20 May 2013 - 02:30 PM
Posted 20 May 2013 - 02:46 PM
You now have espionage from Governments around the World and highly advanced computer techs that passwords mean little as exploits are often located and used to bypass provided security. The reality is that it is not "secure" and putting your business or personal data online does carry the risk of being stolen sooner or later. Even what is covered under US laws is often twisted by our own legal system as to who and why it can be accessed legally even though what one would have considered "common sense" does not apply to laws. Legal technicalities are what rule, good or bad.
They want to put all your medical records online in a national database for health yet its been seen and proven over and over that there are no real "secure" online locations. Sooner or later someone with enough knowledge, manpower, or trickery can overcome the security of any known systems. There are certainly many other implications of this but since this is not a political discussion I won't go there.
There is no easy answer but a draconian lock down is not it either.
Posted 20 May 2013 - 03:44 PM
Maybe the internet should be split. One section for "fun" and another one redesigned with access only under strictly enforced and checked rules. After all, I am not allowed to drive a car without brakes and in many countries the cars must be inspected every year or every second year. No freedom there. It is silly that someone can do online banking without having any security whatsoever. All this, however, may be wishful and highly naive thinking. But something has to give. I read recently that the costs of security and criminal "rewards" amounts to $100 billion a year worldwide. Not peanuts. I also recall that some universities in the US are testing another setup of the internet. So who knows.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users