Threat report H2 2012

H2_2012_incidents_calendar

Threat report H2 2012

This time of the year is always interesting. It is the time when Labs looks back on the past half-year to summarize what has happened in the threat landscape. I can proudly announce that the report for H2 2012 has been published and is free for you to download and read!

The report is once again packed with highly interesting reading on the threats that we all face when using the net. And this report is not just a repetition of what has been published in the media. A compilation like this makes it easier to spot the trends and the big picture. Thanks guys for putting it all together! And of course for the continuous research effort that it is based on. (I’m not going to list all the names here, the full list of contributors can be found in the report.)

Here’s some teasers…

Botnets. ZeroAccess was easily the most prevalent botnet we saw in 2012, with infections most visible in France, United States and Sweden. It is also one of the most actively developed and perhaps the most profitable botnet of last year. Read more about ZeroAccess and botnets in general at page 15 – 20.

Exploits. Java was the main target for most of the exploit-based attacks we saw during the past half year. This is aptly demonstrated in the statistics for the top 10 most prevalent detections recorded by our cloud lookup systems. Learn more about exploits at page 25-27.

Banking trojans. With regards to banking-trojans, a botnet known as Zeus—which is also the name for the malware used to infect the user’s machines—is the main story for 2012. Browse to page 21-24 to read how the traditional way to rob a bank has become hopelessly old-fashioned.

The web. Common sense is still important when surfing, but it is becoming increasingly difficult to spot the dangerous places. Ad-networks are integrated in an increasing number of sites and can distribute malware through web portals that should be trustworthy. More about the web’s dangerous places at page 28-31.

Mobile devices. Did you know that there is malware on all commonly used mobile platforms? But Android has the questionable honor to lead the pack, and the others are far behind. The full story is on page 35-37.

The threat report covers all this and a lot more. Why not make sure that you are up to date on the threat scenario by continuing to the report. It is highly recommended reading.

Micke

More posts from this topic

842710939_d8f092ed9f_b (1)
April 28, 2016
BY 
Spring clean your PC and Android devices

Why Buy A New Device When You Can Spring Clean Your Old One?

The sun is out, the days are longer, and flowers are blooming. Spring has sprung - and with it, the perfect inspiration for cleaning, organizing, and getting rid of clutter. Whether or not you tackle your home this spring, at least take care of cleaning your PC and mobile devices - they need it too. Over time, computers and devices get bogged down by use and cluttered up with files you don't really need. This built-up junk makes them slow and unstable. Often people think they need to go buy a new device, when actually they just need a tune-up. With a little optimizing, you can get your old device running like new again. Here are the top three ways a good spring cleaning will help you get more out of the life of your device. 1. More space Are you running low on space on your device? No matter how much disk space a device has when it's new, over time it starts to run out. Apps, app data, large media files, downloads, and other unused user data start to litter your device. You might find your device is out of space for your photos, or you can't install any more apps. Cleaning up this excess junk will free up space for the content that you really want. 2. Faster performance Is it taking too long for your PC or phone to boot up? Too many processes running in the background that are dragging down your gaming or media experience? If your device is running slow or if apps are taking too long to start up, you could use an optimization for faster start-up times, browsing, file operations, and making your apps run smoother. 3. Better battery life Wouldn't it be nice if your batter would last a little longer? Your device's battery gets consumed by unnecessary apps and processes. By closing those out, you can extend your battery life so you don't need to plug in as often. Now, for the cleanup. There are some easy things you can do to get a cleaner, faster, more efficient device that's got space for the content you care about. Here are some easy steps: Photos and videos are some of the biggest space takers. You can free up a lot of space just by going through and individually deleting out the photos you don't want or need anymore from your gallery. Or you can back all of them up to another hard drive or cloud service, then remove them from your device altogether. Uninstall apps you don't use (Be strong! If you really need it down the road, you can always install it again). Open your Downloads folder and check what's there - chances are there's a lot of stuff you don't need anymore that you can delete. Clear your cached data from apps and browsers. This data is saved to enable quicker processing, but over time it all adds up and bogs your system down. Tip: Aside from the photos and videos, the quickest, easiest way to take care of the above items is to run a free cleaning with F-Secure Booster. It will get rid of all the old trashed files, temporary and log files and unused user data, to free up space for the stuff that really matters. The PC version of F-Secure Booster even has a software update tool to make sure all critical software and driver updates are taken care of. Ah, the beauty of spring...when everything old is new again!  

April 19, 2016
BY 
WhatsApp-e2e

WhatsApp is now secure by default – Why is it so important?

WhatsApp is not just any messaging app. It’s a quite unique combination of popularity and security. Many people know it as “the” messaging app. A natural choice that all your friends are using already, so it’s a no-brainer for you to use it too. But WhatsApp is also committed to provide a secure solution. They have been working with Whisper Systems for a long time and gradually integrated their security technology. This work reached an important milestone yesterday when WhatsApp announced that all communications now are end-to-end encrypted, if the parties use the latest version. This level of encryption has previously been available in some situations, but now they have reached full coverage. This is actually a very important milestone for all of us. Not only for the WhatsApp users who really care about security. Let’s take a look at what this means. What is end-to-end encryption? This means that the message is encrypted during the whole path from sender to receiver. The end-point devices handle encryption and decryption and the message is not readable in transit or when stored on the vendor's server. The vendor does not have a key to the encryption and can’t read the messages, nor reveal them to authorities. Is it hard to use? No. WhatsApp’s encryption is fully integrated and automatic. It’s enabled by default and you do not need to do anything. Except make sure that all communicating parties have the latest version of WhatsApp, but that will eventually happen anyway when people upgrade their apps. Why is this important? WhatsApp is a leader is what we call secure by default. This is a very important trend as it helps us all stay secure. There will always be secure ways to communicate, even if strong end-to-end encryption would be banned in some countries. But using security tools that aren’t mainstream will always make you look suspect. There’s a lot of ways to detect them using network surveillance. Outsiders will not be able to read what you write, but authorities may still conclude that you have something to hide and start keeping an eye on you. Even if your business is perfectly legit and honorable. This is why secure by default is important. If the norm is to use a secure communication channel, then nobody can claim you are suspect because you use one. The masses who don’t care about security are actually helping those who really need it. Other examples of secure by default are Apple’s iMessage and mail traffic that to an increasing degree default to protected connections using SSL or TLS. Is WhatsApp really secure enough? They are definitively serious about providing a secure solution. But we should always keep in mind that there are flaws in every existing system. Vulnerabilities will no doubt be discovered, and fixed promptly. But WhatsApp should anyway have sufficient security at least for people with low to medium needs. If you have a serious need for security, then you should investigate your needs thoroughly and carefully select what tools and methods you use. Consult professionals and keep in mind that security is a broad concept. Selecting the right tool is not enough. You also need to have good op-sec. You need to mind what you say and do, and how you handle data. Isn’t WhatsApp helping terrorists by doing this? No, not really. Properly encrypted communications is no doubt an obstacle for investigating authorities. But there are so many other tools they can use instead. Like tapping phones and locations. Searching facilities. Tracking persons and vehicles. And using spying implants on devices. As WhatsApp puts it in the announcement: “No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation.” So yes. They could have included “Not investigating authorities” too, and that is a minor disadvantage in cases where we are dealing with terrorism and other kinds of sever criminality. But the overall picture is perfectly clear. The benefits of end-to-end encryption and secure by default clearly outweighs the disadvantages. Kudos to WhatsApp for showing the way.   Safe messaging, Micke     Public domain image from Pixabay

April 6, 2016
BY