{"id":906,"date":"2013-07-23T16:40:24","date_gmt":"2013-07-23T16:40:24","guid":{"rendered":"http:\/\/kasperskydaily.com\/b2b\/?p=906"},"modified":"2020-02-26T10:41:30","modified_gmt":"2020-02-26T15:41:30","slug":"information-security-digest-24-06-12-07","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/information-security-digest-24-06-12-07\/906\/","title":{"rendered":"Information security digest 24.06-12.07"},"content":{"rendered":"<p><b>Every fifth attack, every third bank<\/b><\/p>\n<p>Every fifth phishing attack over the past year focused on banking and financial institutions. These results come out of a study published by Kaspersky Lab in late June. According to the data from <a href=\"https:\/\/www.kaspersky.com\/images\/KESB_Whitepaper_KSN_ENG_final.pdf\" target=\"_blank\" rel=\"noopener nofollow\">Kaspersky Security Network<\/a>, 20.64% of phishing threats registered between May 2012 and April 2013 were targeted at different kinds of financial institutions.<\/p>\n<p>The fact that the attackers are particularly interested in banks is indirectly confirmed by other studies. According to the global survey by B2B International and Kaspersky Lab, about 37% of all banks suffered at least once from phishing attacks in one way or another over the past twelve months.<\/p>\n<p>Find more on the new study <a href=\"https:\/\/www.kaspersky.com\/about\/news\/virus\/2013\/1_in_5_phishing_attacks_target_banks_and_other_financial_organizations\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>.<\/p>\n<p><b>Showdown<\/b><\/p>\n<p>Network security experts had mixed reactions to the emergence of <a href=\"http:\/\/www.darkreading.com\/endpoint\/carberp-source-code-leak-likely-to-spawn\/240157400\" target=\"_blank\" rel=\"noopener nofollow\">Trojan Carberp\u2019s source code<\/a> on the Web. Carberp is a banking Trojan used to steal money. 
In March 2013, Russian police detained a group of hackers who had stolen about 60 million rubles with the help of Carberp and Backdoor.Win32.Shiz. But this arrest does not mean that the \u201cuniversal bankbot\u201d threat was eliminated for good. Firstly, the offers to buy Carberp did not stop appearing on the Web, and secondly, the \u201caffiliates\u201d that have previously been reported for spreading the Trojan are still working. Furthermore, on the very day the arrest of the criminals was announced, three new test servers for Carberp <a href=\"http:\/\/www.securelist.com\/en\/blog\/694\/Carberp_its_not_over_yet\" target=\"_blank\" rel=\"noopener nofollow\">appeared<\/a>, all of them with German IP addresses.<\/p>\n<p>And then the source code of the infamous Trojan \u201cleaked.\u201d As mentioned above, the reaction to this event was mixed. On the one hand, security experts got the opportunity to thoroughly study this malware. On the other hand, the virus writers have obviously continued their business, and new derivatives are expected soon enough.<\/p>\n<p><b>Facebook hijacked in sixty seconds<\/b><\/p>\n<p>The Facebook administration rewarded British information security researcher John Whitton (aka fin1te) after he detected a serious vulnerability that could let an attacker access any Facebook account via SMS. John Whitton discovered the bug in late May and immediately notified Facebook about the flaw. 
A few days later administrators fixed the issue, but until recently there was no word about the $20,000 reward assigned to that bug.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2013\/02\/06051657\/facebook.png\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-907\" alt=\"facebook\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2013\/02\/06051657\/facebook.png\" width=\"800\" height=\"357\"><\/a><\/p>\n<p>Whitton\u2019s exploit took advantage of Facebook\u2019s mechanism for activating and using mobile texts with the social network. <a href=\"http:\/\/blog.fin1te.net\/post\/53949849983\/hijacking-a-facebook-account-with-sms\" target=\"_blank\" rel=\"noopener nofollow\">More details<\/a> on the bug in Whitton\u2019s blog.<\/p>\n<p><b>Hit and run<\/b><\/p>\n<p>The famous video game developer Ubisoft was hit by hackers who managed to steal usernames, email addresses and encrypted passwords from the company\u2019s server.<\/p>\n<p>The company\u2019s official blog <a href=\"http:\/\/blog.ubi.com\/security-update-for-all-ubisoft-account-holders\/\" target=\"_blank\" rel=\"noopener nofollow\">assured<\/a> that personal payment information was safe from the intrusion. Nevertheless, all users were advised to change their passwords on Ubi.com as well as on any other resources where the same or similar passwords could be used.<\/p>\n<p><b>No spies allowed!<\/b><\/p>\n<p>One of the Pirate Bay co-founders Peter Sunde <a href=\"http:\/\/gigaom.com\/2013\/07\/09\/the-pirate-bay-founder-is-raising-money-for-spy-proof-messaging-app\/\" target=\"_blank\" rel=\"noopener nofollow\">announced<\/a> that he was raising money for the development of a spy-proof messaging application for iOS and Android. 
Sunde explained that the application, which is under the working title <a href=\"https:\/\/heml.is\/\" target=\"_blank\" rel=\"noopener nofollow\">Hemlis<\/a> (Swedish for \u201csecret\u201d), would utilize end-to-end encryption to ensure that only the two people carrying on the text conversation would have access to its data.<\/p>\n<p>Sunde got the idea to create such an app because of the NSA scandal with the U.S. global cyber espionage program PRISM. Since the topic of security services surveillance is hyped again, there are going to be many people who would like to take advantage of it. The point is to identify the real purposes of those people and the efficiency of spy-proof applications.<\/p>\n<p><b>A volley of Microsoft security bulletins<\/b><\/p>\n<p>Microsoft released seven security bulletins (MS13-052 \u2013 MS13-058), describing a number of vulnerabilities in the company\u2019s products. Six of them are rated \u201ccritical\u201d. Serious flaws were found in Internet Explorer and DirectShow.<\/p>\n<p>There was also another problem detected while processing TrueType fonts, affecting Microsoft Office, Visual Studio, .NET, Silverlight, Lync and some components of Windows. Technical details on that vulnerability were described in three bulletins.<\/p>\n<p><a href=\"https:\/\/securelist.com\/microsoft-updates-july-2013-2\/35949\/\" target=\"_blank\" rel=\"noopener\">More information<\/a> can be found on our blog at Securelist.<\/p>\n<p><b>What the misuse costs you<\/b><\/p>\n<p>According to surveys from <a href=\"http:\/\/www.europeanceo.com\/home\/featured\/2013\/04\/9120\/\" target=\"_blank\" rel=\"noopener nofollow\">Europe<\/a> and the <a href=\"http:\/\/www.salary.com\/2013-wtaw-infographic\/\" target=\"_blank\" rel=\"noopener nofollow\">United States<\/a>, employees spend up to 30% of their work time on personal issues. 
By multiplying the time spent by the average cost of a working hour, analysts estimate the amount of damage at millions of dollars a year. Indirect losses may be even larger. Employees use desktops for social networking, sharing links to entertaining content, and downloading files from suspicious sources. At the same time, hackers actively exploit social networks for phishing and malware distribution; many personal blogs, entertainment sites, file sharing sites, torrent trackers and downloaded files are contaminated; and passwords to email accounts are regularly cracked or stolen.<\/p>\n<p>Securelist published an <a href=\"https:\/\/securelist.com\/security-policies-misuse-of-resources\/35945\/\" target=\"_blank\" rel=\"noopener\">article<\/a> by Kaspersky Lab\u2019s expert Kirill Kruglov, concerning incidents that may come as a result of the improper use of computers at work, and provided some recommendations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Every fifth attack, every third bank Every fifth phishing attack over the past year focused on banking and financial institutions. 
These results come out of a study published by Kaspersky<\/p>\n","protected":false},"author":209,"featured_media":16429,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3052],"tags":[2029,278],"class_list":{"0":"post-906","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-business-news","10":"tag-security-research"},"hreflang":[{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/information-security-digest-24-06-12-07\/906\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/information-security-digest-24-06-12-07\/906\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/information-security-digest-24-06-12-07\/906\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com\/blog\/tag\/business-news\/","name":"Business News"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/906","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/209"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=906"}],"version-history":[{"count":5,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/906\/revisions"}],"predecessor-version":[{"id":32842,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/906\/revisions\/32842"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/16429"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=906"}],"wp:term":[{"taxonomy":"category","emb
eddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}