Online Security Threats report of 2012

PROTECT PEOPLE & INFORMATION IN ANY ENVIRONMENT ONLINE SECURITY 2012 |JAN THREATS IN Data breach: 24 million identities stolen in data breach at Zappos apparel company. Malcode: A scam involving malicious browser plug-ins for Firefox and Chrome is discovered. FEB Botnet: Kelihos botnet returns, four months after being taken down. Mobile: Google announces Google Bouncer, an app scanner for the Google Play market. |MAR Botnet: Researchers take down new variant of the Kelihos botnet, which reappears in a new form later in the month. Hacks: Six individuals are arrested as alleged members of the hacking collective LulzSec. Botnet: Security researchers take down key servers for the Zeus botnet. Data breach: A payment processor for a number of wellknown credit card companies, including Visa and MasterCard was compromised, exposing details of 1.5 million accounts. 1 Safe. APRE Mobile: A non-malware-based scam involving the Opfake gang is found that targets iPhone users. Mac: Over 600,000 Mac computers are infected by the OSX.Flashback Trojan through an unpatched Java exploit. Mac: A second Mac Trojan is discovered, OSX.Sabpab, which also uses Java exploits to compromise a computer. |MAY Social networking: Scammers are discovered leveraging social networks Tumblr and Pinterest. Malware: The cyberespionage threat W32.Flamer is discovered. Certificate Authorities: Comodo, a large Certificate Authority, authenticated and issued a legitimate codesigning certificate to a fictitious organization run by cybercriminals. This was not discovered until August. Data breach: Linkedin suffers data breach, exposing millions of accounts. |JUN Malware: A Trojan by the name of Trojan.Milicenso is discovered, which causes networked printers to print large print jobs containing illegible characters. 900 000 |JUL Botnet: Security researchers disable the Grum botnet. Malware: Windows malware is discovered in Apple's App Store, embedded in an application. Mac: A new Mac threat called OSX.Crisis opens a back door on compromised computers. Botnet: DNS servers, maintained by the FBI in order to keep computers previously infected with the DNSChanger Trojan safe, are shut off. Malware: A Trojan used to steal information from the Japanese government is discovered after being in operation for two years. Malware: A second printer-related threat called W32.Printlove, which causes large print jobs to print garbage, is discovered. |AUG Hacks: Reuters news service suffers a series of hacks resulting in fake news stories posted on its website and Twitter account. Malware: Crisis malware is discovered targeting VMware® virtual machine images. Malware:: W32. Gauss is discovered. The scope of the threat is concentrated in the Middle East, in a similar way to W32.Flamer. Certificate Authorities: Comodo incident from May discovered and details published. SEP Malware: A new version of the Blackhole attack toolkit, dubbed Blackhole 2.0, is discovered. Botnet: Security researchers disable an up-and-coming botnet known as "Nitol." Mobile: A vulnerability is discovered in Samsung's version of Android TM that allows a phone to be remotely wiped. DDOS: FBI issues warning about possible DDOS attacks against financial institutions as part of a "distraction" technique.2 JOCTE Malware: A ransomware threat distributed through Skype IM is discovered. Data breach: Customer data is stolen from Barnes & Noble payment keypads. Attackers are discovered using a DDOS attack as a distraction in order to gather information that allowed them to later steal money from a targeted bank, INOVE |DECE Hacks: Burglars found using a known exploit in a brand of hotel locks to break into hotel rooms. Malware: Infostealer.Dexter Trojan horse discovered targeting point-of-sale systems. Hacks: Attackers exploit a vulnerability in Tumblr, spreading spam throughout the social network. tumblr. PROTECT YOUR ORGANIZATION FOR UNEXPECTED THREATS It Hacker treats equally - small or large business. You should be protected against security breaches. It Regulate update firewalls, gateway antivirus and intrusion protection and detection system. It Educate employees regarding the prevalent threats, risks involved in social engineering. It Prevent the data loss by data protection software and encryption. IG Along with SSL certificates, install anti-malware and anti phishing detection tools. Safes It Secure your website with SSL rather than just securing the login page and payment procedure. It Ensure the security of the keys of code signing certificates like storing on cryptographic hardware. It Update without missing, the patches as well as softwares. As soon as a newer version is available, upgrade your software, applications etc. IC Limited and secure exposure to social media It Assess the risks prevalent in Cloud before signing up for it. It Retain a thorough know-how regarding the social engineering (telltale signs, bogus offers and quid- pro-quo). It Avoid usage of marginal websites (adult sites, pirated software providing sites), implement blocking of advertisement. It Think twice before clicking on the suspicious or bogus link inside you e-mail. Even though you have received it from your friends or relatives. It Along with antivirus, include browser protection tools, reputation solutions and application control set- tings (preventing unnecessary download). IO Restrict usage of USB and other devices. SOURCE:- PUBLISHED BY:- Symantec Corporation Internet Security Threat Report 2013 ClickSSL Connect With Confidence https://www.clickssl.com IIIIIIIIIIIIIIITIIIIITIIIII|TIIIIITITIIII TTIIITITIIIIIIIIIIIIIIIIIIIITIIIIITIIIIIITIIIIIITITIIIITITIIIITIIIIIIIIIIIIIIITIIIIITIIIIIITIIIIIITII IITTTT|ITIIIIIITIIIITITIIITL IITT IITTTTT IIIIIITIIIIIIT|| IITTTT IITIII|IIIIIITT IITTTTTITIIIITITIIIII IIIIIITIIIIIITITIIIITT IITTIT|| IITTTT||IIIIII