The attacks on Swiss financial institutes with the aim of unjustified enrichment and the threat of the targeted industrial espionage via the internet are the main topics of the fifth semi-annual report of the Reporting and Analysis Centre for Information Assurance.

The report assesses the situation of the first half of the year 2007 in Switzerland and is now available online and clearly shows that the human factor remains the weakest point of ICT security.

Focus areas of issue 2007/I

• Attacks on Swiss financial services
  "Classic" phishing attacks by e-mail with password requests have decreased substantially in Switzerland. Moreover, all such attacks have been unsuccessful. On the other hand, successful attacks with malware have increased. Two-factor authentication systems (e.g. transaction authentication numbers, SecurID, etc.) do not afford protection against such attacks and must be viewed as insecure once the computer of the customer has been infected with malware.

• Industrial espionage and data theft
  The threat posed by targeted state or private industrial espionage continues. Not only the operators of critical infrastructures, the armament industry, or public authorities are threatened. Medium-sized industrial companies as well as manufacturers of luxury articles and fashion are also being targeted. The attacks are carried out by sending targeted e-mails to individual employees which contain malware in their attachments or links to bogus websites.
• Attacks on web servers:
  malware distribution, phishing, data theft Compromising of web servers has increased. The purpose is to use web servers to distribute malware, such as by drive-by infection, to steal data (especially on commercially used servers), to carry out (interim) storage of data (e.g. in connection with phishing), or to distribute messages that are generally political in nature.
• Malware / attack vectors
  Malware is still usually distributed through e-mail attachments or e-mails with links to bogus websites. Using clever social engineering techniques, the victim is deceived into opening the attachment or clicking on the link. Websites installing malware on the computer without any action by the user (drive-by infections) have heavily increased as an infection vector. Vulnerabilities in the operating system, the browser, or other applications are exploited. For a long time now, this no longer only happens on dubious sites, but also on (compromised) serious and well-known sites. Rates of recognition of malware by anti-virus software remain low.

The complete report is available on Melani website in italian, german, french and english.

A complete and useful list of all Internet risks and related protection measures is also available.

AirTalkr is another multiple IM client application immediately available in its beta version for Windows, Linux , Mac OSX as well as on Web-based version.

IM supported protocols are MSN, ICQ, GTalk, Yahoo and AIM but AirTalkr also connects you to your YouTube and Flickr accounts. In addition, AirTalkr creator Hu Shunjie comes with an interesting concept called "AirCards". AirCards are profiling cards where you can add of your buddies information such their Twitter and blog updates, their photos on Flickr as well as their profiles on MySpace and Friendster.

AirTalkr is a very light application but requires the installation of Abobe Integrated Runtime (AIR) which enables developers to use Flash, Flex, Ajax and HTML to create rich interface applications.

The AirTalkr version is still beta and some bugs have been reported but I personaly like this very smooth application and really looking to see what will come next (Skype, more social networking plateforms supported, etc..)

It definitively worth a try. Did I mention that AirTalkr is free and totally Ads-Free (Thanks Hu!). 

Download AirTalkr here and Abobe AIR here.

Whisher, a Spanish start-up, backed by Switzerland’s leading phone company, Swisscom, and the venture firm Benchmark Capital Europe is apparently very active for few month now. The principle of Whisher is that Wireless Access to the Internet should be free and accessible from everywhere which is basically the same concept than FON Movimiento, except that you don't need to purchase any specific hardware.

Whisher' users are requested to download an application through which they can share their wireless access (works also with WEP or WPA connections) with other Whisher members 

The newly released version 2.0 beta of the software offers more than just storing and encrypting connections' passwords such:

• Wireless connection manager
• WiFi sharing
• Chat with other users connected on the same wireless access point.
• Multi Instant Messenger support (Yahoo, MSN, AIM, ICQ, GoogleTalk, Twitter, Jabber)
• File Transfer (with users sharing the same wireless AP)
• LAN Support
• GeoLocation
• Other Networks connections (access via commercial access; hotspot, etc..). FON is supported too.
• Around You. Gives you informations about coming events, restaurants around the wireless connection you are currently using.

New services that should be available soon :

• Voice Support
• Global File Sharing 

Plateform supported : Windows XP, Linux, Mac O/S. Vista not available yet.

The software is still beta and some stability and registation problems have been reported. More information on their Blog