Your Cyber Intelligence Source

Cyber criminals are leveraging high profile current events and Twitter to distribute malicious links on the Internet. Cyveillance recently discovered “Maltweets,” Twitter messages or tweets that contain URLs of infected sites that are using terms such as “Lakers” and “Air France” to entice users to click on the malicious links. 

The Web addresses included in these Maltweets are very dangerous, posing the threat of a malicious file download to a computer without the user’s knowledge. Once downloaded, the file may install hidden components on a computer, then attempt to execute malicious activity against the user, the user’s computer or network resources. The malware could allow criminals to takeover the computer, use it as part of an illegal botnet, install dangerous root kits and even capture sensitive user information such as usernames, passwords and other personally identifiable information for the purpose of identity theft.

More info can be found at: http://www.cyveillance.com/web/news/press_rel/2009/2009-06-23.asp

A story by the San Francisco Chronicle posted on www.sfgate.com earlier today sheds light on the “cat-and-mouse game” played every day on the Internet between the security industry and online criminals. The story focuses on the growing sophistication of one particular online criminal organization, GoldenCashWorld. The story can be found at: http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2009/06/16/BUK618882A.DTL

Unfortunately, GoldenCashWorld is only one of many technically sophisticated criminal groups on the Internet. These groups continue to be successful at facilitating and conducting online criminal activity. This success enables their available resources to grow and technical capabilities to improve. The success also lures many new technically proficient individuals into the cyber criminal underworld. These issues combine to create an ever-growing threat of online criminal activity volume and sophistication which the security industry must adapt to in order to minimize the effects.

Cyveillance has long been aware of these efforts by the criminals who are forced to develop very sophisticated methods to bypass detection and security countermeasures. This is a clear indication that the efforts of Cyveillance and others in the security industry are working. As we enter a new era in Security and Intelligence with our acquisition by Qinetiq NA, Cyveillance will continue to make the investments in personnel and technology needed to protect our customers and always stay one step ahead of the bad guys.

For years now Cyveillance has been the cyber intelligence leader, emphasizing a proactive approach to cyber security. Our method of gathering, processing and delivering cyber intelligence to customers and partners for use in threat mitigation and cyber security planning is widely regarded in the market and our intelligence is often cited in the press. This intelligence-led approach to security is also one of the primary drivers behind our recently announced agreement to be acquired by QinetiQ North America.
 

With the recent release of the US Government’s Cyber Security Policy Review, Cyveillance’s intelligence-led approach is quickly gaining ground as a mainstream trend in security. A major focus of policy review is the discovery and analysis of potential threats and building and implementing the policies and infrastructure needed to prevent or block them. This proactive approach to security is the foundation for our technology which produces the actionable intelligence needed to stay one step ahead of these growing and dynamic cyber threats. For more detailed information on this approach, you can download The New Protection Paradigm: Intelligence-Led Security whitepaper at: http://www.cyveillance.com/web/forms/request.asp?getFile=106.

Cyveillance is extremely excited to become the latest addition to QinetiQ North America http://www.cyveillance.com/web/news/press_rel/2009/2009-05-06.asp. Cyveillance’s record growth, quality service, outstanding technology and single focus on Cyber Intelligence made for a perfect match to QinetiQ’s security and intelligence practice. The new combined entity will deliver exceptional Internet Risk and Threat Intelligence solutions and serve the worldwide commercial and government markets. Cyveillance will have access to QinetiQ’s resources and infrastructure to support our continued expansion and an increased ability to deliver new, innovative solutions.

By the marketplace reaction, many share our excitement. One posting in particular from Nick Selby at The 451 Group clearly grasped the larger picture and strategic value of cyber intelligence to today’s enterprise. Read his post here.

http://blogs.the451group.com/security/2009/05/06/some-context-around-the-cyveillance-acquisition/

You can see more story links here:

http://www.cyveillance.com/web/news/in_the_news.asp

Today’s front page article in USA Today points out the growing importance that intelligence gleaned from the open source Internet plays in national security. Excerpts:

The explosion of information available via the Internet and other public sources has pushed the collection and analysis of that material to the top of the official priority list in the spy world, intelligence officials say.

Open sources can provide up to 90% of the information needed to meet most U.S. intelligence needs, Deputy Director of National Intelligence Thomas Fingar said in a recent speech.

eWeek updates the Hannaford data breach story, explaining that malware was found to be present on the Web servers located in every grocery store owned by the chain. While the source of the malware remains unknown, the data breach exemplifies the damage that purpose-built malware can inflict on its target.

(more…)

Juicy Campus, the site created so that college kids can anonymously dish about, and in some cases slander, their fellow students is rekindling debates about Internet anonymity. For students who find themselves victimized by malicious comments, the nature of Juicy Campus leaves them little recourse for having the postings removed and identifying the responsible parties for potential libel claims.

(more…)

Domain Name Wire reports an email-based scam that targets domain name owners. The scam suggests that Web site operators must register their copyrighted content in order to be protected should someone else decide to copy their content. See the article and portions of the email here.

(more…)