Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

CommunityDNS’ Newsletter – Latest Edition Released

The latest edition of the CommunityDNS newsletter has been released. Topics for this issue include:

• “Strong ‘Net Growth’ in the Philippines”

• “Voices from the Internet”

• “Fast Reporting in Finland”

… and more. Enjoy!

Click here for more information.

IIS bug gives attackers complete server control

A bug recently discovered on systems running IIS, version 5, on Windows 2000 with Service Pack 4 allows hackers to receive remote root access, thus the ability to take full control of the server. IIS, version 6 is also vulnerable.

Click here for more information.

‘Freakshow’ Provides Inside Look At Real Malware Behind Big Breaches

The News Bits has reported the increasing level of sophistication used by hackers to obtain credit and debit card information. Through the hack jobs at a Las Vegas casino, a Michigan restaurant and a hotel in New York greater levels of analysis and code sophistication were noticed.

Items in the above attacks included hackers becoming more familiar with systems than internal employees, often taking months of study before snaring their data. In one case code was designed and implanted to run as service so when the device needed to be rebooted the malware was also restarted. Another instance found where multiple pieces of malware were implanted so when administrators would perform scans and cleans they would find some, but not all of the malware. While providers are moving towards encryption of data malware is moving more towards capturing the data that’s in memory – before it is encrypted and written into the database. In another case hackers have devised code that can be installed on devices that are not connected to the Internet, such as DVD kiosks. The kiosk-based malware requires in-person hacker interaction to implant the code as well as retrieve the data.

Click here for more information.

Conficker/Downadup Dominates BitDefender’s Top Ten Threats For August

A research firm has compiled a list of the top ten threats as seen on computers today. Conficker still dominates with 43% of the total number of computers infected by malware.

Others that ranked in the top 10 include:

2). Win32.Induc.A
3). Win32.Sality.OG
4). Worm.Autorun.VHG
5). Win32.Virtob.Gen
6). Packer.Malware.NSAnti.1
7). Win32.Worm.AutoIT.AC
8). Win32.Sality.2.OE
9). GEN:TDSS.Patched.1
10). Win32.Worm.Downadup.Gen

Click here for more information.

5 men named in racket that netted $4m in stolen card data

Illustrating the lucrative business of credit card credential snatching, some cybercriminals work to amass such credentials to later sell on the market.

In a scheme that raised $4 million dollars from identity theft, criminals in eastern Europe purchased credit card credentials of people in New York. From the Czech Republic and the Ukraine these individuals were able to pilfer $4 million through using the information from 95,000 credit cards.

Two from the Czech Republic have been extradited to the US. Two in the Ukraine are waiting extradition while two others still need to be located.

Click here for more information.