ReadWriteWeb

Security software vendor Sourcefire announced today a new kind of endpoint security solution called FireAMP that couples the power of big data analytics with real-time threat detection and prevention. The idea is to use what is happening around the Internet in real time to lock down Windows endpoints and prevent them from running malware.

We all know the relative truth that there is no such thing as malware that can strike iOS devices. Malware breeds in incestuous pits of the Internet with botnets and spammers lurking around every URL or third-party app store. Oh, but never on your iPhone. Malware is as synonymous with the Internet as search, chat or porn. Yet, when browsing with you Mac or iDevice, there is still a fair likelihood that you will run into a malware stricken site that could potentially do you harm.

AnchorFree, makers of the powerful Hotspot Shield application, are adding a new function to its offering today. When browsing the Web, Hotspot Shield will now alert users when a site they visit contains malware. It may seem a trivial update to for the malware-invincible iOS but there is more danger than meets the eye.

A rampant worm by the name of Ramnit has stolen login and password information for 45,000 Facebook users, mostly in the UK and France. Prowling the 800-million-strong social network, the worm eats user names, passwords and browser cookies. It also acts as a backdoor, meaning a hacker can attack any computer that has already been infected. According to the Microsoft Malware Protection Center, Ramnit infects Windows executables, Microsoft Office and HTML files. The Ramnit worm initially transformed into financial malware in August 2011, according to reports from Trusteer.

"What was once malware designed to steal data from financial institutions has evolved into a social network threat," says John Weinschenk, CEO at Cybersecurity company Cenzic. "Bank account numbers and Facebook log-in credentials seem very different, but to hackers, they are equally as lucrative."

A phishing attack aimed at new Mac users was launched the week after Christmas looking to obtain the credit card information of people signing up for a new Apple ID. The well-timed attack tries to redirect users signing up for an Apple ID to a phishing site designed to look like the Apple sign-in page asking users to update their account information.

Security researchers from various companies have uncovered the latest cyber weapon, nicknamed Sykipot. It appears to try to grab documents from high level executives within a variety of target organizations, of which the vast majority have been defense related agencies working on unmanned combat drones. The origins of the attacks appear to be with a long-standing well-funded Chinese group that has been operating for several years.

To all the other "aaS" providers out there, add this one: MaaS, for malware as a service. Yup, the bad guys have their own routines that can provide a one-stop, full-service shopping for fraudsters. How depressing is that?

Turns out, very depressing.

Our article earlier this week about the frequency of DNS exploits has already come back in the news, in the wake of shutting down one of the the longest running and most costly botnets in history by the FBI earlier this week. The network, called Esthost, supposedly claimed an estimated four to five million victims and fleeced them somewhere around $14 million. All of that was due to 100 rogue DNS servers that were used to redirect massive amounts of traffic from the infected computers. The operation, dubbed Ghost Click by the FBI, raided two data centers in New York and Chicago, along with arresting people in Tartu, Estonia.

BitDefender announced its Twitter malware protection service Safego is now an open beta and users can sign up here for the free service. It is similar to the service that they have had for Facebook that we last wrote about here. Once you authorize it to use your Twitter account, it begins to process all your tweets, DMs and embedded links to see what is going on.

Last week, leading security company McAfee asked a question of the security industry, "are we really protecting our users?" A lot of evidence points to the contrary. As can be seen in a new mid-year threat report from firewall maker SonicWall, consumer and corporate networks are larger and more vulnerable than ever. Yet, the battle against malicious programmers is not lost. It is a matter of common sense and evolution in security practices that will help protect companies and users from those that would do them harm.

"The days of just buying and anti-virus or a firewall program and just putting it on a PC are over," said SonicWall's VP of corporate development Ed Cohen. Enterprises and small and medium business need a more layered approach to security. Yet, the layers need to be more sophisticated. With the growing complexity of corporate networks, a new approach is needed.

Security company McAfee released its second quarter threat report today and the language in it is quite frank: "The security industry may need to reconsider some of its fundamental assumptions, including 'Are we really protecting users and companies?'" With malware at its highest levels ever, the escapades of LulzSec and Anonymous continuing unhindered and new varieties of spam being created almost every minute, it is a pertinent question.

Android is now far and away the leader is mobile malware. For-profit mobile malware has also grown significantly, with SMS-sending Trojans and other complex Trojans compromising smartphones. Rootkit malware that takes over the operating kernel of a computer or a smartphone is also becoming popular among malicious programmers. As McAfee notes, "The second quarter of the year was clearly a period of chaos, changes and new challenges."