OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
New Tech Targets Enterprise Ransomware
November 23, 2015
SentinelOne last week introduced an addition to its behavioral solution designed to address the problem of ransomware scrambling files on a computer. Ransomware has been a scourge not only for consumers, but for the enterprise, too. The malicious software can be particularly nettlesome for enterprises because they have to protect many endpoints -- phones, tablets, laptops, desktops and servers.
Dojo Stands Cybersecurity Guard for Smart Homes
November 20, 2015
Dojo-Labs on Thursday introduced Dojo, a device that plugs into the router of a home network and acts as a watchdog to ensure that everything connected to the network is operating on its best behavior. The device brings some of the advanced technologies used to protect corporate networks to the home. It can prevent attacks and detect intrusions by observing how a device behaves on the network.
FBI, Carnegie Mellon Deny $1M Contract to Crack Tor
November 19, 2015
The FBI has denied allegations that it paid Carnegie Mellon University security researchers $1 million to crack a network designed to protect the anonymity of its users. The Tor Project, which operates the network, last week accused the FBI of cutting the CMU deal. The attack on Tor occurred from January to July 2014. The attackers discovered a way to strip the anonymity of Tor users.
Decryption Tool Foils Linux Server Ransomware Attacks
November 11, 2015
Bitdefender on Monday released a free decryption tool designed to wrest data from the grip of a rare type of ransomware that's been plaguing Linux servers. Details for performing the decryption are available on the company's website. Essentially, the solution takes advantage of a flaw in the ransomware, which Bitdefender discovered through reverse-engineering.
NIST Seeks Review of Email Safety Doc
November 11, 2015
Email systems have become so routine that consumers and workers often regard them as simply part of the furniture. However, the technology is more complex than most users appreciate -- and that complexity makes it vulnerable to cyberthreats. Increased use of email has resulted in a corresponding increase in criminal and nuisance threats, NIST said in a recent advisory on email security.
Deep Learning App Targets Malware
November 10, 2015
Here's the problem with most programs aimed at killing malicious software: They need someone to tell them something's malicious. What if, however, the programs had the smarts to identify bad code on their own? That's what a company called Deep Instinct says its security solution, launched last week, can do. The offering works its magic with a technology called "deep learning."
Mobile Malware's Growth Slows, Nastiness Grows
November 4, 2015
The good news about mobile malware in 2015 is that growth has slowed down. The bad news is that the malware entering the market is more virulent than ever. While there hasn't been a sharp rise in the volume of mobile malware this year, the increasingly malicious nature of the types of malware and attacks is alarming, Blue Coat Systems said last week in its 2015 Mobile Malware Report.
Researcher's Demo Sheds Doubt on Fitbit Security
October 23, 2015
Fortinet security researcher Axelle Apvrille demonstrated Wednesday in a presentation at the Hack.lu conference in Luxembourg. Apvrille showed how it was possible to access a Fitbit's Bluetooth connection and, in a mere 10 seconds, infect it with a malicious packet that later could be used to infect a PC, a feat she demoed earlier this month at a hacker conference in Budapest.
Healthcare Sector Security Woefully Weak, Survey Says
October 21, 2015
The healthcare industry has become the favorite playground for many cybercriminals, suggests a report Trustwave released earlier this month. Of the 398 full-time healthcare professionals surveyed, 91 percent of information technology respondents and 77 percent of nontechnical respondents believed criminals increasingly were targeting healthcare organizations.
DDoS Attacks Create Smokescreens for Larceny
October 7, 2015
DDoS attacks have evolved from protest tool to criminal weapon. More than one in three DDoS attacks are used to plant malware or a virus on company systems, and 40 percent of them result in data theft, according to NeuStar's semiannual DDoS attack and protection report. "Until two years ago, DDoS attacks were really seen as just a disruption and annoyance tool," said NeuStar's Joe Loveless.
Federal Cybersecurity Performance Gets Mixed Reviews
October 6, 2015
The spectacular database breach that affected nearly 21 million people highlighted the continuing vulnerability of U.S. government information technology systems, despite the expenditure of billions each year on cybersecurity. The breach resulted in the departure of the head of the agency and triggered widespread questioning about the adequacy of federal IT security by members of Congress.
XOR Trojan Threatens Linux Networks
October 2, 2015
Researchers for the Security Intelligence Response Team at Akamai on Tuesday issued a high-risk threat advisory for XOR DDoS proliferation. The XOR DDoS Trojan is used to hijack Linux servers to build a botnet for distributed denial-of-service attacks with SYN and DNS floods, researchers tracking the malware said. The massive Linux-based botnet can take down websites under a flood of DDoS traffic.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
What Goes Around Comes Around: Russia Gets Hacked
September 23, 2015
Russia has been a prime suspect in recent cyberattacks against U.S. government targets. However, Russia has been poked with the other end of the hacker stick. For more than two months, hacker attacks originating in China have bedeviled Russia's military and telecom sectors, Proofpoint researchers have revealed. Russian-speaking analysts working at global financial firms also have been attacked.
Malware Jumps Apple's Garden Wall
September 22, 2015
Developers who unknowingly used a malicious tool to code their programs uploaded hundreds of malware-infected apps to the iTunes App Store, China-based iOS developers reportedly discovered last week. Security researchers around the world have analyzed it. Called "XcodeGhost," the malware is hidden in an unauthorized version of a program Apple distributes to create iOS apps.
An Insider Betrayed Ashley Madison - Go Figure
September 4, 2015
When the giant data breach at infidelity website Ashley Madison made headlines last month, the CEO of the site's owner was quick to claim the caper was an inside job. He had the attacker's profile and work credentials, Avid Life Media's CEO Noel Biderman told ace cybersecurity blogger Brian Krebs. Though not an employee, the individual had accessed the company's technical services.
KeyRaider Malware Busts iPhone Jailbreakers
September 3, 2015
Data-robbing malicious software dubbed "KeyRaider" has stolen more than 225,000 valid Apple accounts and thousands of certificates, private keys and purchasing receipts, Palo Alto Networks' Unit 42 reported last week. The firm identified the malware in cooperation with WeipTech, which found the accounts on a server while it was analyzing suspicious user-reported iOS tweaks.
Qualcomm Sics Fire-Breathing Snapdragon on Android Hackers
September 1, 2015
Qualcomm on Monday announced Snapdragon Smart Protect, a hardware-software product that could make the world a safer place for Android smartphone users. Snapdragon Smart Protect, which will become available with Qualcomm's upcoming Snapdragon 820 processor, will provide real-time, on-device machine learning designed to support accurate and effective detection of zero-day malware threats.
Malvertising Headache Swells to Migraine Proportions
August 26, 2015
Online advertising that pushes malicious software to consumers has increased 325 percent over the past year, Cyphort Labs reported Tuesday. Malvertising is adding to what is already a significant problem for online advertisers. Ad fraud will cost global advertisers more than $6 billion this year, according to the Association of National Advertisers.
Mozilla Plugs Dangerous Firefox Zero-Day Hole
August 10, 2015
Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server -- possibly somewhere in Ukraine -- has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version.
OS X Zero-Day Exploit Threatens Massive Mac Attack
August 4, 2015
Mac users, beware -- the ads you see on the Web could let hackers hijack your device. Malwarebytes has discovered a new zero-day exploit in OS X that lets apps bypass passwords during installation to get root permission through a Unix shell. A new adware installer downloaded by a Malwarebytes researcher modified his sudoers file -- a hidden Unix file that controls access to root permissions.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Swipes, Taps and Cursor Movements Can Foil Cyberthieves
July 16, 2015
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters. Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines, including typing speed and the use of keyboard shortcuts, can authenticate our identities, too.
Feds Deliver Darkode's Doomsday
July 16, 2015
United States law enforcement agencies and their counterparts in 19 countries on Wednesday announced they had dismantled the Darkode hackers' forum. Charges, arrests and searches were launched against 70 Darkode members and associates around the world, and 12 people associated with the forum were indicted in the U.S. The agencies also served several search warrants in the U.S.
Gunpoder Malware Masquerades as Lesser Evil
July 9, 2015
Palo Alto Networks' Unit 42 team on Tuesday published a report on Gunpoder, a family of Android malware that can evade detection scans by pretending to be adware. Cong Zheng and Zhi Xu authored the report. The team discovered the new Android malware last November. Its new report aims to spur cooperation within the security community to mount defenses against the threat.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering, said Bugcrowd's Jonathan Cran.
New Android Malware Sprouting Like Weeds
July 1, 2015
Information stored on an Android smartphone or tablet is vulnerable to almost 4,900 new malware files each day, according to a report G Data SecurityLabs released Wednesday. Cybercriminals' interest in the Android operating system has grown, the firm's Q1 2015 Mobile Malware Report revealed. The number of new malware samples in the first quarter increased 6.4 percent.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Routers Becoming Juicy Targets for Hackers
June 18, 2015
Most consumers pay as much attention to routers as they do to doorknobs. That's not the case with Net marauders. They're finding the devices ripe targets for mischief. "We've seen a big increase in malware designed for home routers," said Incapsula researcher Ofer Gayer. "Every week, we see a new vulnerability in a vendor's routers," he said. "They're low-hanging fruit if you're a hacker."
See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS
I plan to do my holiday shopping…
Online only -- I like the convenience and comfort.
Online only -- I'd shop in stores if their stock weren't so limited.
At brick-and-mortar stores only -- I like to see what I'm getting.
At brick-and-mortar stores only -- I enjoy the holiday shopping atmosphere.
At brick-and-mortar stores only -- I want to support local merchants.
Online and in stores -- I want the best of both worlds.
I'm not planning on doing any holiday shopping.