Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

BIND crash bug prompts urgent update call

Exploits that target a vulnerability in BIND version 9 are already circulating through the Internet. Receipt of a specially crafted dynamic update message to a zone where the server is the master will cause the server running BIND 9 to exit. System administrators are urged to upgrade to get beyond this particular vulnerability.

Click here for more information.

Rogueware On a Roll: 640,000 New Variants Of Fake AV in Q3

Selling rogue antivirus software is more efficient and lucrative for cybercriminals. In the second quarter alone 374,000 new versions of rogueware samples have been released. The number is expected to be 637,000 for the third quarter. For comparison, only 50,000 rogueware samples were seen in the fourth quarter of 2008, with a total reaching only 92,000 for 2008.

At $50.00 per pop, the cybercriminals are now bringing in $400 million a year.

The latest mechanism for spreading the rogueware is through Facebook, MySpace and Twitter.

Click here for more information.

E-mail stream spammier than ever, reports say

June resulted in the largest amount of spam ever seen, beating the previous record holder (October 2008) by 20%. Security firms have pegged the level of spam to be either 92% or 94.6% of all e-mail. 90% of all spam is related to pharmaceuticals.

Spam is produced via compromised computers that form BotNets. The number of computers joining BotNets after being infected are estimated to be 150,000 per day. In the US alone there is an estimated 21 million new zombies, with a total 14 million infected computers world-wide.

The US is the country that produces the largest volume of spam. Other significant sources for spam are Brazil, China, Russia, Poland and India.

Comment: If 90% of all spam is related to pharmaceuticals and the portion of spam related to selling anti-virus rogueware brings in $400 million, how much does pharmaceutical spam bring in?

Click here for more information.

Google Hot Trends Dictate Malware Targeting

Previous CommunityDNS News Bits have pointed out that scammers, or cybercriminals are taking advantage of relevance by sending spam messages based upon relevant items. For example, within a day of Michael Jackson’s death spam messages were being sent luring people to learn more. In order to find out what people are talking about most scammers are turning to Google Hot Trends that periodically provides a list of the top 100 search queries. Scammers can also use the information to create links that rank high based upon the high levels of queries.

Click here for more information.

Peeking in Packets to Protect Pockets

With consumers always being warned about the theft of their identity, the US House Energy and Commerce Subcommittee held a hearing on deep packet inspection (DPI). Resulting legislation could limit how Internet service providers and others monitor their customers. This means companies could no longer track what websites someone visits as well as how someone uses a website. All of this information could be sold to outside companies and used for advertisements and other Internet content. Legislation would allow DPI to be used by law enforcement, however.

Click here for more information.