2013 January 14 | Security Intelligence

January 2013
S	M	T	W	T	F	S
« Dec		Feb »
	1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Jan14

Botnets Are Everywhere – See How They Spread in the Trend Micro Global Botnet Map

5:53 pm (UTC-7) | by Jon Clay (Core Tech Marketing Senior Manager)

Cybercriminals today create and use botnets to perpetrate their criminal activities. Whether it is to send out Blackhole Exploit Kit spam or to use as entry points into organizations, the one constant is that most bots (victim computers) communicate back and forth with command and control (C&C) servers. Trend Micro’s Global Threat Intelligence, derived from our Smart Protection Network™, monitors C&C servers, infected Bots, and the malicious communication between the two regularly to ensure our customers are protected.

Today we’re publishing a new global map showing active C&C servers, highlighted by red dots, and bots (victim computers), highlighted by blue dots, to show you where these botnets are located in the world. If you are using the Chrome or Firefox browsers, you will see some of the dots radiate, showing any systems that are tied together (a unique botnet). All users can mouse over any of the servers to get a pop-up message that shows the server location, when it was first observed, most affected countries, and the total number of victims we’ve found associated with that server. Note that the blue dots represent more than one victim in most instances.

Read the rest of this entry »

Posted in Botnets | Comments Off

Jan14

How to Use Java – If You Must

11:29 am (UTC-7) | by Jonathan Leopando (Technical Communications)

With Java going through another embarrassing zero-day vulnerability recently, it has become a common bit of advice for users to “uninstall Java”.

In general, this is sound advice. If possible, users should uninstall Java if they don’t need it. Unfortunately, for many users this simply isn’t an option. Many enterprises have custom apps built on the Java platform. Consumers may also need access to Java for banking sites (many of which are Java-based) or software (Minecraft needs Java to run.)

So, how can you use Java safely? First, the Java threat largely comes from malicious applets that come from malicious websites. If you have Java installed because an application needs it, then you can disable Java in your browser(s) without affecting your user experience.

It used to be that you would have to do this on a browser-by-browser basis, but that isn’t the case anymore. In the current version of Java, you can do this in the Java Control Panel. Instructions on how to access this can be found here. Applets in webpages will no longer work, but Java apps will continue to run without any problems.

What if you need Java for a website, like an internal company site or your bank?

Read the rest of this entry »