By now, it’s practically a mantra that the biggest problem with corporate IT security is the employees themselves. However, we usually assume that’s due to ignorant users or poorly enforced policies. Not so for a chunk of the US working population—according to a survey conducted by Harris Interactive, 12 percent admitted to knowingly violating IT policy in order to get work done.

The survey of 1,347 employed adults was conducted on behalf of Fiberlink, a company that hawks services that “help enterprises connect, control and secure laptops and mobile devices.” Needless to say, the survey results fit perfectly into the company’s agenda, but they are hardly surprising. After all, how many of us know someone who has left a work laptop in an unattended vehicle, sent unencrypted e-mails without permission, or reused the same three passwords over and over instead of choosing new ones every 90 days?

Fiberlink CEO Jim Sheward warned of the obvious. “IT departments nationwide spend a lot of time and money on their compliance, usage, and access policies, but they only work if people follow the rules,” he said in an e-mailed statement. [C]ompanies could face dangerous breaches that include the loss of sensitive data, competitive intelligence, or customers’ private information.”

Harris’ findings are supported by previous reports saying that leaky employees are a bigger threat than malware, that employees (not hackers) cause the most corporate data loss, and that employees’ online activities pose the greatest threat to IT security. With 12 percent of those people actively working outside of stated IT policy (and plenty more who do so out of ignorance), IT admins certainly have their work cut out for them if they want to maintain a tight ship.

Read the comments on this post

Identity theft prevention service LifeLock is not as pristine as its reputation claims after all. The company agreed to pay out $12 million to settle charges with the Federal Trade Commission and 35 states, which had said that LifeLock’s identity-theft-prevention claims were false and that the company actually made its own customer data available and unsecured from theft. As it turns out, there is no way to fully guarantee that identity theft won’t happen, no matter what someone puts on the side of a truck.

LifeLock has made a name for itself as the go-to service if you never want to have any part of your identity stolen, ever. The company claims to proactively protect your information against fraud, alert you to any kind of shady activity, and reduce credit card offers for $10-15 per month. Those who have seen LifeLock’s trucks driving around their cities know that the company used to slap its CEO Todd Jones’ social security number on the side of the vehicle along with a number of claims guaranteeing that its customers won’t fall victim. (As an aside, Jones’ identity allegedly ended up getting stolen in 2007.)

Read the comments on this post

More than 40 percent of the world’s malicious websites are hosted in the United States, according to a new research study from AVG Technologies.

Most Malicious Websites Hosted In U.S.

The AVG research study is based on the analysis of threats reported during the last 6 months from AVG’s 110 million global users of its LinkScanner security product. The research indicates an increase in malware serving websites targeting end users, which usually focus on stealing online baking information, credit card information, personal identities and passwords to social sites.

After the United States countries hosting the most malicious websites include Germany and China at just five percent each. Many of these malware-serving websites are legitimate sites compromised by hackers to serve exploits on their behalf. In total, exploitive servers were found in nearly 4,600 locations throughout the U.S.

AVG says it is important to note the research makes no statement about who owns or is directing the servers and the criminal networks are located all over the world.

“The results of this study shatter the myth that malicious code is primarily hosted in countries where e-crime laws are less developed,” said Karel Obluk, Chief Technology Officer, AVG Technologies. “Our research shows that malicious content is much more likely to show up on web servers in the U.S. than one in Asia or Eastern Europe. This makes perfect sense since the USA is a primary target market for the criminals and has rich and mature Internet infrastructure making the threats both highly accessible and cheap to host.”

“What is most striking is the clear rise in the number of malicious servers in the last six months. Today’s hacking techniques are highly evasive so the average user cannot tell if a website is serving malware or not. A web security product is needed.”

Cheapy cable outlet Monoprice may have been hacked. Monoprice says some customers (including some of us at Ars) have reported fraudulent charges, so check your statements!

Read More:
Monoprice

Read the comments on this post

Antivirus 7 (also called as Antivirus7) is a totally misleading anti-spyware software that just like many rogue applications seeks to convince users that they really need to purchase its commercial version. Every time Antivirus7 infects computers, it announces hundreds of cyber threats detected though in fact this application has nothing to do with PCs security. Keep in mind that Antivirus 7 has no spywaresâ detection or removal engine, so donât fall into it and remove if the program is spotted on your machine.

Antivirus 7 is mostly propagated through fabricated online scanners and trojans viruses that hide in video codecs foolishly required for watching videos online. When the malware is installed, it starts using malicious techniques trying to convince users that they really need to purchase it. Antivirus 7 classically loads deceptive pop up ads telling users about cyber threats they have and additionally redirects them to the websites actively promoting malware as well. Redirections are the cause of the browser hijacking technique which is also used by Antivirus7.

Once on board, the trial version of Antivirus 7 will run permanently while people browse the Web. Victims will be annoyed to death with these bogus security alerts and system scanners reporting the same fake viruses "deteted" and pushed straight away into purchasing it. Instead of taking the sugesstion to buy this useless commercial version, remove Antivirus 7 immediately. In truth, infections listed by Antivirus 7 are invented by the same scam or are even normal and important system files, so deleting them is absolutely wrong idea. Donât pay for this rogue anti-spyware and get rid of Antivirus 7 and all its associated data. Scan your computer for Antivirus 7 as soon as you notice its misleading activity on your machine.

Malware Description:
Browsersecurecheck.com has been identified as a hijacker that takes over one’s browsing and redirects a user to fraudulent payment web pages. Typically, people run into diverts to Browsersecurecheck.com if their systems get…

T…

Adware.BrowserVillage.e is an adware program that displays banner adverts and sends stolen information to a central server for hackers. Adware.BrowserVillage.e is installed via shareware and freeware programs and will monitor the user’s Internet activity. Adware.BrowserVillage.e then displays advertisement banners and popups in the infected machine based on the websites the user visited. Adware.BrowserVillage.e should immediatley be terminated. Do not give this malicious program any leeway to do its devious dirty work.

Worm.Yacspeel.A.dll is a dangerous computer worm which has the ability to spread onto local drives of the infected system. Once a system is infected with Worm.Yacspeel.A.dll, it can delete and create corrupt system files. Worm.Yacspeel.A.dll loads at startup making it very difficult to manually detect and remove from an infected computer. A reliable anti-spyware program is recommended to rid your infected system of Worm.Yacspeel.A.dll.

Trojan.PolyCrypt.h is a Trojan keylogger program that can steal confidential details like credit card numbers and other online banking details. Trojan.PolyCrypt.h is capable of modifying the host file and restricting access to security websites. Trojan.PolyCrypt.h may be installed via fake or misleading means, without the user’s full awareness or agreement. Have Trojan.PolyCrypt.h removed using a reliable anti-virus program.

The Gibmedia adware program comes packed with a keylogger and other malicious infections. Gibmedia is downloaded in a malware and virus bundle and may also be linked to a fake security suite. Other malicious activities include providing hackers with valuable personal information for identity theft and other cybercrimes. Gibmedia poses a threat to personal and computer security and should be removed immediately once detected.