ReadWriteWeb

Just a week after Twitter's acqui-hire of Summify, the company has done it again. This time Twitter is grabbing Web security firm Dasient and winding down the Dasient business. Instead of servicing the old customer base, the Dasient team is going to work on Twitter's revenue engineering team. Wait, what?

You might think that Twitter would be looking to snag Dasient in order to curb problems with spam and other attacks on the platform. Instead, it looks like Twitter is hoping to use Dasient's team to prep the platform for self-serve ads that might be launching later this year.

The number of web sites infected with malware has doubled, according to Dasient's Q3 Malware Update. Planting malware on legitimate sites, through malvertising or other methods, is now the preferred method of criminals distributing malicious software. McAfee, in its own third quarter report, claims that daily malware infections are increasing at the highest rate ever. Meanwhile, as we've reported, BitDefender estimates that one in five Facebook users is exposed to malware. And Palo Alto Networks told us recently that Facebook use is rampant in enterprises, even where it's forbidden.

Considering all this, are you planning on changing your organization's anti-malware strategy?

As a follow-up to our article "What You Need to Know About Malvertising:" Dasient saw a spike in the number of websites hosting malware in Q2 of this year, according to the security-as-a-service company's Q2 Malware Report. According to Dasient, over 1.3 million web sites host malware - more than twice as many as the company found in Q2. Also, malvertising campaigns tend to start on weekends, javascript based attacks are on the rise and ASP pages are increasingly targeted.

On September 14, 2009 New York Times readers were automatically redirected to a site hosting malmare thanks to an ad containing malicious code. On July 15 2010, TweetMeme was the victim of a similar attack and began sending its users to a "scareware" site. These are just two examples of "malvertising," one of the fastest growing security threats on the web. It's particularly scary because potentially any site with advertising could be a target, and users don't even have to click the ads to trigger malware. Use a Mac? You could still fall victim to phishing scams perpetuated by malvertisers. Scary stuff. So what do you need to know?

Unfortunately, we couldn't be at Black Hat and Defcon in Las Vegas this week, but here's our round-up of highlights from the two security events from around the web. Of course, if you look through the schedules for both events, there were dozens of other paranoia inducing talks than the ones listed below - these are merely the ones that got the most press coverage.

Ever come across a Google search result that has the words 'this site can harm your computer' below a link? What about the Firefox red screen of death? If you're a Web surfer, chances are you've likely avoided clicking on this type of link. If you're the owner of the flagged site, chances are that those six simple words will set off a mental tailspin.

Launching today, Dasient, a San Jose Palo Alto start-up founded by a couple of ex-Googlers, hopes to change all that with its new Web anti-malware service. By monitoring Web sites for infected pages, providing instant diagnostics and giving site owners a two-click quarantining option within moments of a compromise, Dasient's subscription based security service (free and paid, from $50/month) aims to help businesses retain control of their Web site and remain clear of the dreaded blacklist.