Pages

Monday, September 16, 2013

Rogue iFrame Injected Web Sites Lead to the AndroidOS/FakeInst/Trojan-SMS.J2ME.JiFake Mobile Malware




A currently ongoing malicious campaign relying on injected iFrames at legitimate Web sites, successfully segments mobile traffic, and exposes mobile users to fraudulent legitimately looking variants of the AndroidOS/FakeInst/Trojan-SMS.J2ME.JiFake mobile malware.

Let's dissect the campaign, expose the domains portfolio currently/historically known to have been involved in this campaign, as

Saturday, September 14, 2013

Information Security - Online Training Programs

Many companies and businesses make use of the internet and networking systems in order to produce, show, and store their work. With this comes the responsibility of not only keeping that information private but secure. Many accredited online colleges offer degree distinctions in information security to do just that. Students interested in the field have numerous options to choose from when deciding on a degree program.
Criminal activity online increases at about the same rate as technology and as a result numerous online schools are adding information security to their curriculum. Information breaches and theft cost companies millions of dollars each year in revenue. This fact has companies and businesses employing trained professionals to secure their information. Prospective students can gain training in the industry anywhere from a certificate to a master's in the field.
Online certificate programs are a good choice for individuals who are already working in the field. They offer computer professionals an in depth study into their specialty. The goal of a certificate is to provide students with a narrow and focused skill within the industry. For example, students can gain a certificate in ethical hacking. A course like this would have students diving into the techniques used by hackers. These hackers are considered to be black hat hackers and students who are learning the exact same hacking skills are called white hat hackers. This means that students will take an ethical approach to hacking so that in the work place they can find the organization's vulnerable areas and secure them. There are numerous online certificates available that allow students to study information security and that properly prepare them for work within the industry. Other certificates that can be taken are security architecture, intrusion prevention, and more.
A popular approach to schooling in this industry is gaining a bachelor's degree. A bachelor's degree builds a solid foundation to prepare students to work with companies and their online information. Online course work in this area typically centers on practical approaches to computer engineering, science, information security, technology security, communications, and more. Students seeking a bachelor's degree should plan on committing on average of four years to their studies.
Some online schools offer a master's degree or a doctorate in the field. Graduate study in this field is usually preceded by a of couple years of work experience. Many information security professionals gain a graduate degree in order to advance in the industry and earn promotions. Since both of these are graduate degree distinctions students will study advanced information security techniques. Courses will go into executive level skills, problem-solving abilities, and knowledge in managing a team and resources. Most graduate programs will take on average one to two years to complete.

Friday, August 30, 2013

Summarizing Webroot's Threat Blog Posts for August




The following is a brief summary of all of my posts at Webroot's Threat Blog for August, 2013. You can subscribe to Webroot's Threat Blog RSS Feed, or follow me on Twitter:




01. ‘Malware-infected hosts as stepping stones’ service offers access to hundreds of compromised U.S based hosts
02. New ‘Hacked shells as a service’ empowers cybercriminals with access to high page rank-ed Web sites
03

Thursday, August 29, 2013

Profiling a Novel, High Profit Margins Oriented, Legitimate Companies Brand-Jacking Money Mule Recruitment Scheme

Over the years, I've been actively researching the money mule recruitment epidemic, providing actionable (real-time/historical) intelligence on their activities, exposing their DNS infrastructure, offering exclusive peek inside the Administration Panels utilized by money mules, emphasizing on current and emerging tactics applied by the individuals orchestrating the final stages of a fraudulent