Follow AppRiver

AppRiver Posts In Your Inbox

Your email:

Browse by Tag

Current Articles | RSS Feed RSS Feed

2012: Attacks Underway

 

2011 was a year riddled with data breaches and malware outbreaks. Less than 3 weeks into 2012 and we are already seeing a few of our security predictions for 2012 coming to true.

More High Profile Data Breaches- Data breaches were rampant in 2011 with businesses such as Sony, HB Gary Federal, RSA, WordPress, Episilon and many others being infiltrated and pillaged. It seemed like the there was a different breach for every day of the week. Well it did not take long in 2012 for the trend to continue. A few days ago Zappos (online shoe and clothing retailer) reported being hacked and exposing data for a whopping 24 million customers. Client information exposed in the breach included names, address, email, phone numbers, last four digits of credit card on file and passwords(although scrambled). Although no full credit card information was reported to have been exposed, there is still some danger. If the passwords are recovered by the hackers, they could be used to access the emails of the many individuals that are in the habit of using the same password across all of their personal accounts. Believe it or not this happens a lot more often than you might think. Additionally, the collected personal data could be used in more directed or personalized attacks as well as kept to be later correlated with other stolen data. The fallout for the companies that suffer these types of breaches can be detrimental. In the case of Zappos there will almost certainly be cancelled accounts, lost sales and a hit to their reputation. There is even news today that there has been a class action lawsuit filed on behalf of the customers involved. There is a high degree of certainty that these breaches will continue throughout 2012

Malware Using Social Media- Social Networking sites such as Facebook, Twitter and the like have all become a very popular vector for malware distribution. Whether it is being distributed on the social sites themselves or spam emails posing as correspondence from the site, this method has only been growing in popularity and will proliferate in 2012. We are currently monitoring many malicious campaigns that are attempting to pose as legitimate social networking communications. One campaign is coming in droves today and poses as a friend invite from Facebook. The message includes a link to a website hosting a malicious Javascript. In just a few seconds the victim’s machine has communicated with a host and installed a Trojan.

Here is a look at the message:

These attacks are nothing new but sometimes less really is more and let’s face it who isn’t at least a little curious about that friend request they just got? So what if you don’t recognize the name.. It is just one little click. Given their effectiveness, these attacks will be numerous in 2012.

Comments

Currently, there are no comments. Be the first to post one!
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics