Co-researcher Richard Ford of the Florida Institute of Technology’s College of Engineering and Computer Sciences wrote in an article in Science Magazine’s July issue that the first computer virus was created 25 years ago, but he sees no end in sight to malicious software.
John Timmer similarly writes his take on this article.
Myself, I say take a step back. Consider that the drive was to make computers a household appliance. Even better, getting a driver’s license means you know how to operate a car and know the dangers on the road. Drivers listen to the radio for traffic changes, we watch the news to know the weather in relation to how we should drive. That’s being proactive, it’s being vigilant against the unknown dangers on the road. Agree?
I like Science as a magazine, and even better the fact that they can talk about the chilling reality of the human paradigm — expectations on technology versus the immediate reality of the threat. That same human paradigm does not want to hear the sad truth that it is gullible and stupid unless better informed and armed with relevant information. So why are computer users, and similarly users of technology, not taking the time to pore through security forums on a daily basis proactively to be well informed? There is a huge disjoint here.
Paraphrasing David P’s own sentiments that malware used to be likened to online graffiti, even in today’s physical reality some individuals’ penchant to write on subways and public walls has not abated — neither has crime and fraud in its smallest form, even if neighborhood police and secret service are just around the corner. Has anyone watched last year’s movie “The Good Shepherd”? This month of July celebrates the 60th year of the CIA. It is as alive today as it was then, simply because the dangers have also changed!
That said, it looks like the anti-malware (anti-threat) community will be as vibrant as ever. It isn’t like a couple of years ago, when we saw ourselves as cyber-firemen. Being passive does not catch the bad guys; it is as reactive as all the old passive technologies like IDS and IPS. Ever since malware has taken to cyber-crime, without everyone in the security field knowing it, we have all become cyber-sleuths, and products and services have become the online police.
In this day and age, solutions like network behavior monitoring, as well as traffic repudiation and analysis, are the new tools. Self-defending networks are fine too, but these should always be tempered and fine-tuned to adapt to the computer user’s changing appetite for content and technology.
P.S.
Take another trip to YouTube (make sure it’s the main site, not a trojan masquerading as a codec) and watch the sci-fi online flick Afterworld. See how the story unfolds while Rus Shoemaker copes with a world bereft of technology.
Archive for July 13th, 2007
An interesting scenario was presented by a Proof-of-Concept exploit that uses IE (any version) to run possibly malicious JavaScript code in Firefox version 2.0.
Yes, dear readers, IE and Firefox working together! Aptly categorized as Cross Browser Scripting, this particular exploit targets vulnerable parameters passed across different browsers (in this case IE to Firefox). As of the moment, several pieces of Proof-of-Concept code can be found on the web, where safe payloads such as spawning a command prompt or saving a non-malicious text file are performed.
This does not bode well, and I think it is only a matter of time before malware authors start developing actual malware code based on this vulnerability.
To add more “bad” news, Microsoft (IE) and Mozilla (Firefox) are pointing fingers over who should fix the flaw.
One, two…phish! Approximately two seconds is now all it takes to create phishing sites with the use of a new “plug and play” phishing kit that malicious users have fashioned to automate the installation of a phishing site. This significantly speeds up the phishing process, which normally requires a fraudster to access a compromised server several times, and lowers the risk of them being identified and caught by PC and network security systems.
The said toolkit is reportedly contained in a single file that, when double-clicked, creates entire phishing sites in a snap. It contains PHP and HTML files, which have been previously used in other phishing attacks that target a certain financial institution, according to the RSA, the research division of EMC.
It was the RSA Anti-Fraud Command Center (AFCC) that conducted a forensic analysis that led to the discovery of the said toolkit. AFCC also claims to have mitigated the said attacks, as well as shut down the phisher’s email address, which was discovered within the PHP code.
This kind of phishing kit signals a disturbing development in online fraud. If similar toolkits emerge, phishing sites might grow exponentially and more people could fall for phishing attempts. Users should be alert to such attempts and pause before giving away personal credentials online, especially when accessing banking-related sites.
The full RSA Monthly Fraud Report for June can be downloaded here.


