LinuxInsider.com
Qualcomm Sics Fire-Breathing Snapdragon on Android Hackers
September 1, 2015
Qualcomm on Monday announced Snapdragon Smart Protect, a hardware-software product that could make the world a safer place for Android smartphone users. Snapdragon Smart Protect, which will become available with Qualcomm's upcoming Snapdragon 820 processor, will provide real-time, on-device machine learning designed to support accurate and effective detection of zero-day malware threats.
Malvertising Headache Swells to Migraine Proportions
August 26, 2015
Online advertising that pushes malicious software to consumers has increased 325 percent over the past year, Cyphort Labs reported Tuesday. Malvertising is adding to what is already a significant problem for online advertisers. Ad fraud will cost global advertisers more than $6 billion this year, according to the Association of National Advertisers.
Mozilla Plugs Dangerous Firefox Zero-Day Hole
August 10, 2015
Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server -- possibly somewhere in Ukraine -- has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version.
OS X Zero-Day Exploit Threatens Massive Mac Attack
August 4, 2015
Mac users, beware -- the ads you see on the Web could let hackers hijack your device. Malwarebytes has discovered a new zero-day exploit in OS X that lets apps bypass passwords during installation to get root permission through a Unix shell. A new adware installer downloaded by a Malwarebytes researcher modified his sudoers file -- a hidden Unix file that controls access to root permissions.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Swipes, Taps and Cursor Movements Can Foil Cyberthieves
July 16, 2015
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters. Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines, including typing speed and the use of keyboard shortcuts, can authenticate our identities, too.
Feds Deliver Darkode's Doomsday
July 16, 2015
United States law enforcement agencies and their counterparts in 19 countries on Wednesday announced they had dismantled the Darkode hackers' forum. Charges, arrests and searches were launched against 70 Darkode members and associates around the world, and 12 people associated with the forum were indicted in the U.S. The agencies also served several search warrants in the U.S.
Gunpoder Malware Masquerades as Lesser Evil
July 9, 2015
Palo Alto Networks' Unit 42 team on Tuesday published a report on Gunpoder, a family of Android malware that can evade detection scans by pretending to be adware. Cong Zheng and Zhi Xu authored the report. The team discovered the new Android malware last November. Its new report aims to spur cooperation within the security community to mount defenses against the threat.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering," said Bugcrowd's Jonathan Cran.
New Android Malware Sprouting Like Weeds
July 1, 2015
Information stored on an Android smartphone or tablet is vulnerable to almost 4,900 new malware files each day, according to a report G Data SecurityLabs released Wednesday. Cybercriminals' interest in the Android operating system has grown, the firm's Q1 2015 Mobile Malware Report revealed. The number of new malware samples in the first quarter increased 6.4 percent.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Routers Becoming Juicy Targets for Hackers
June 18, 2015
Most consumers pay as much attention to routers as they do to doorknobs. That's not the case with Net marauders. They're finding the devices ripe targets for mischief. "We've seen a big increase in malware designed for home routers," said Incapsula researcher Ofer Gayer. "Every week, we see a new vulnerability in a vendor's routers," he said. "They're low-hanging fruit if you're a hacker."
Duqu 2.0 Makes Other Malware Look Clunky
June 12, 2015
Duqu 2.0 may have just snatched the title of "most sophisticated malware ever," according to Kaspersky Lab, which published a report on the new threat this week. Kaspersky discovered Duqu 2.0 after the malware penetrated its own internal networks. "The philosophy and way of thinking of the Duqu 2.0 group is a generation ahead of anything seen in the APT world," said Kaspersky's Kurt Baumgartner.
The Painful Persistence of Ad Injections
June 1, 2015
Some of those annoying ads that pop up when you visit a site on the Web or do a search may be served up by, for want of a better word, "hijackers." They use binaries, extensions, or network ISPs to modify a page's content to insert or replace ads with or without the user's consent. It's called "ad injection," and the problem is extensive. The problem begins with software infecting users' browsers.
No Wrongdoing at NCIS, Says Defense Watchdog
May 28, 2015
The U.S. Department of Defense's Inspector General has rejected allegations that the Naval Criminal Investigative Service engaged in questionable domestic intelligence activity. The finding concluded a DoD IG probe spurred by allegations that NCIS was making available to military intelligence agencies its Law Enforcement Information Exchange, a database of 506.3 million law enforcement records.
Linux/Moose Malware Wreaks Havoc on Social Networks
May 27, 2015
Internet security researchers at Eset on Tuesday published a security research paper on Linux/Moose, a major threat to social networks that turns routers into conduits for grabbing users' log-in credentials, employing them for network fraud and to further spread malware to client devices that connect through them to the Internet. The paper, "Dissecting Linux/Moose," details a months-long investigation.
Spy Agencies Planned to Corrupt Google Play
May 22, 2015
The United States and its leading Western allies, known as the "Five Eyes," reportedly planned to hack into smartphones through their links to Google and Samsung's app stores. They wanted to infect apps with spyware and find ways to send misinformation to targets, according to documents released to the media by National Security Agency whistle-blower Edward Snowden.
Containing the Zombie Malware Outbreak
May 22, 2015
Your computer could be operating as part of a botnet, sending out email spam, stealing confidential information, or furthering the spread of malware at this very moment. Computers can become zombies in many ways, but the most common technique is through a Trojan virus installed via malicious email attachments or drive-by downloads from infected websites.
Venom Less Toxic Than Heartbleed
May 20, 2015
It was a little over a year ago that the Heartbleed bug shocked the Internet with its potential for mischief. Now another flaw in open source code has sent network administrators into damage control mode. The bug, called "Venom" for "Virtualized Environment Neglected Operations Manipulation," allows an intruder to jump out of a virtual machine and execute malicious code on its host.
5 IT Security Implementation Myths
May 19, 2015
There's a common perception that implementing comprehensive IT security to protect against today's sophisticated threats and attacks is a difficult and expensive task, and that the benefits of replacing current solutions (even if highly ineffective) are seldom worthwhile. This mindset has resulted in many businesses dealing with a virtual patchwork of disparate systems.
FireEye, Microsoft Outsmart Clever Chinese Malware
May 15, 2015
FireEye and Microsoft have scotched a scheme by a group of cybercriminals based in China to use an IT pro forum to hide malicious activity, according to a report released Thursday. The Chinese gang known as "APT17" devised the scheme, which uses forum pages and profiles on Microsoft's TechNet, to cover traffic from machines infected with the group's Black Coffee malware.
Venom Vulnerability Could Violate Virtual Machines
May 14, 2015
Crowdstrike on Wednesday made public its discovery of yet another long-buried Linux vulnerability. "Venom," as it has been dubbed, was unearthed by the firm's senior security researcher, Jason Geffner. It is listed as vulnerability CVE-2015-3456. Venom exists in the virtual floppy drive code used by virtualization platforms based on QEMU, or quick emulator. It has been around since 2004.
Mumblehard Malware Mugs Linux Servers
May 5, 2015
A family of Linux malware targeting Linux and BSD servers has been lurking around for five years. Dubbed "Linux/Mumblehard," the malware contains a backdoor and a spamming daemon, both written in Perl. The components are mainly Perl scripts encrypted and packed inside an executable and linkable format, or ELF, said Eset. In some cases, one ELF executable with a packer nests inside another.
