Domain: proofpoint.com
Stories and comments across the archive that link to proofpoint.com.
Stories · 6
-
China Expands Research Funding, Luring US Scientists and Students (npr.org)
An anonymous reader quotes a report from NPR: In the past decade or so, China has been expanding its commitment to scientific research, and it shows. Chinese researchers now produce more scientific publications than U.S. scientists do, and the global ratings of Chinese universities are rising. Five years ago [professor of chemistry at the University of California, San Diego, JaySiegel] became dean of the school of pharmaceutical science and technology at Tianjin University. He says the university president recruited him to build an undergraduate program that would attract students from all over -- not just China. Siegel says the program is taught entirely in English. There's another aspect of getting a pharmaceutical science degree at Tianjin that Siegel expects students from throughout the world to find particularly attractive: The Chinese government plans to offer scholarships to cover the cost for students who enroll. Siegel says this is all part of China's effort to attract international scientists. Of course, there are some drawbacks with working in China. There are internet restrictions, making it difficult to reach certain websites; English isn't spoken throughout most of the country, posing a problem for many foreign visitors; and free speech isn't the same concept as it is in the United States. With that said, "There's no interference politically on the science," says Greg Herczeg, an astronomer at the Kavli Institute for Astronomy and Astrophysics at Peking University.
"We've had no political restrictions," says Siegel. "I know that people talk about them being out there, and I've heard rumors of things. But, for us personally, I would have to say no, I've not had that experience." -
Malvertising Campaign Infects Your Router Instead of Your Browser (bleepingcomputer.com)
An anonymous reader quotes a report from BleepingComputer: Malicious ads are serving exploit code to infect routers, instead of browsers, in order to insert ads in every site users are visiting. Unlike previous malvertising campaigns that targeted users of old Flash or Internet Explorer versions, this campaign focused on Chrome users, on both desktop and mobile devices. The malicious ads included in this malvertising campaign contain exploit code for 166 router models, which allow attackers to take over the device and insert ads on websites that didn't feature ads, or replace original ads with the attackers' own. Researchers haven't yet managed to determine an exact list of affected router models, but some of the brands targeted by the attackers include Linksys, Netgear, D-Link, Comtrend, Pirelli, and Zyxel. Because the attack is carried out via the user's browser, using strong router passwords or disabling the administration interface is not enough. The only way users can stay safe is if they update their router's firmware to the most recent versions, which most likely includes protection against the vulnerabilities used by this campaign. The "campaign" is called DNSChanger EK and works when attackers buy ads on legitimate websites and insert malicious JavaScript in these ads, "which use a WebRTC request to a Mozilla STUN server to determine the user's local IP address," according to BleepingComputer. "Based on this local IP address, the malicious code can determine if the user is on a local network managed by a small home router, and continue the attack. If this check fails, the attackers just show a random legitimate ad and move on. For the victims the crooks deem valuable, the attack chain continues. These users receive a tainted ad which redirects them to the DNSChanger EK home, where the actual exploitation begins. The next step is for the attackers to send an image file to the user's browser, which contains an AES (encryption algorithm) key embedded inside the photo using the technique of steganography. The malicious ad uses this AES key to decrypt further traffic it receives from the DNSChanger exploit kit. Crooks encrypt their operations to avoid the prying eyes of security researchers." -
Spam Hits Its Highest Level Since 2010 (networkworld.com)
Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.
"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."
Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's. -
Malvertising Campaign Infected Thousands of Users Per Day For More Than a Year (softpedia.com)
An anonymous reader writes from a report via Softpedia: Since the summer of 2015, users that surfed 113 major, legitimate websites were subjected to one of the most advanced malvertising campaigns ever discovered, with signs that this might have actually been happening since 2013. Infecting a whopping 22 advertising platforms, the criminal gang behind this campaign used complicated traffic filtering systems to select users ripe for infection, usually with banking trojans. The campaign constantly pulled between 1 and 5 million users per day, infecting thousands, and netting the crooks millions each month. The malicious ads, according to this list, were shown on sites like The New York Times, Le Figaro, The Verge, PCMag, IBTimes, Ars Technica, Daily Mail, Telegraaf, La Gazetta dello Sport, CBS Sports, Top Gear, Urban Dictionary, Playboy, Answers.com, Sky.com, and more. -
The Spamming Refrigerator
puddingebola writes "The 'Internet of Things' is as susceptible to malware and spam as the rest of the net. From the article, 'A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets...The spam attack took place between 23 December 2013 and 6 January this year, said Proofpoint in a statement. In total, it said, about 750,000 messages were sent as part of the junk mail campaign. The emails were routed through the compromised gadgets. About 25% of the messages seen by Proofpoint researchers did not pass through laptops, desktops or smartphones, it said.' Read Proofpoint's statement here." -
63% Of Corporations Plan To Read Outbound Email
John writes "Aviran's place reports that a recent survey of 332 technology decision-makers at large U.S. companies reveals that more than 63% of corporations with 1,000 or more employees either employ or plan to hire workers to read outbound email, due to growing concern over sensitive information leaving the enterprise through email."