According to The Register the conficker worm will have a signature that admins will be able to use to find which machines might have the worm. Up til now the only way was to monitor traffic and with Conficker C that was impossible as it didn’t send any traffic on the network but was waiting for instructions on a certain day.

Core Security has the full report but if your using VMWare Workstation, Player, or ACE on Windows there is a security exploit in the shared folders feature that allows a traversing of folders not being shared. According to VMWare until a patch is release there is this workaround.

To disable shared folders in the Global settings:

1. From the VMware product’s menu, choose Edit > Preferences.
2. In the Workspace tab, under Virtual Machines, deselect the checkbox for Enable all shared folders by default.

To disable shared folders for the individual virtual machine settings:

1. From the VMware product’s menu, choose VM > Settings.
2. In the Options tab, select Shared Folders and Disable.

I think this is hilarious.
A group of scammers called Mr Brain provide different phising, scamming tools to would be scammers. The reason the groups scripts are so popular are their ease of implementation, some can be done in as little as a minute. So the little script kiddies can just fill in a few details in the script config file and they think their done. The icing on the cake is these very scammers are themselves being scammed. The scripts also have some other code that is encrpyted that sends all the information gathered, back to the Mr Brain group. So these poor startup scammers just can’t get a break as the big guys already drained all the accounts.

Source: Netcraft

Apparently so has at least half of the rest of the users on the internet.

As more of everyone’s lives are taking place online the amount of personal information online is also growing. With the explosion of social websites, such as myspace and facebook, more people are starting to be concerned as to what they online identity looks like. Therefore 47% of internet users have searched for their name in a search engine. Of those that have “googled” their name only 3% do it regularly, 22% search occasionally, and 74% have searched at least once. I have to admit I fall in the 22%. Something that I didn’t think about was how much information can be found out about a person online, and how they themselves have divulged. A third of those “googlers” say that telephone numbers, addresses including email, employer information can all be found by a simple search. Talk about a stalkers delight.

From ComputerWorld

• The Confident Creatives: This group accounts for 17% of adult online users. They are mostly young adults who aren’t worried about how available their data is, but they still try to limit personal information.
• The Concerned and Careful: Twenty-one percent of adult users worry about the personal information available about them online and take steps to limit this data.
• The Worried by the Wayside: This group, which comprises 18% of Internet users, are anxious about the information that is available about them online but don’t do anything to limit that information.
• The Unfazed and Inactive: Forty-three percent of online adults don’t worry about the availability of their personal information online and don’t take steps to limit that information.

Source: ComputerWorld

Companies and businesses will always need an IT department, why you ask. Because the people these companies hire just don’t care about security or just don’t know any better. A recent survey of employees revealed that at least 35% have violated IT policies put in place to protect company as well as customer’s data. At least 15% have use P2P networking clients on corporate networks, if thats not asking for trouble I don’t know what is. What you had 100,000 customer accounts in your shared folder, oh well?!

Most employees don’t care about their information either, 3/4 or employees check their personal accounts (email, banking, ebay) from work. Not only does this pose a security problem in the form of spyware, viruses, and other forms of nasties, but puts their personal information out on a public network. That same 3/4 also probably installs the good ol bonzi buddy, and my cool web search. This is why companies will also need IT to clean up the mess their idiotic employees make, oh and to have someone to blame for the whole lost customer account thing.

Source: Net Security.org