OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
DDoS Attacks Create Smokescreens for Larceny
October 7, 2015
DDoS attacks have evolved from protest tool to criminal weapon. More than one in three DDoS attacks are used to plant malware or a virus on company systems, and 40 percent of them result in data theft, according to NeuStar's semiannual DDoS attack and protection report. "Until two years ago, DDoS attacks were really seen as just a disruption and annoyance tool," said NeuStar's Joe Loveless.
Federal Cybersecurity Performance Gets Mixed Reviews
October 6, 2015
The spectacular database breach that affected nearly 21 million people highlighted the continuing vulnerability of U.S. government information technology systems, despite the expenditure of billions each year on cybersecurity. The breach resulted in the departure of the head of the agency and triggered widespread questioning about the adequacy of federal IT security by members of Congress.
XOR Trojan Threatens Linux Networks
October 2, 2015
Researchers for the Security Intelligence Response Team at Akamai on Tuesday issued a high-risk threat advisory for XOR DDoS proliferation. The XOR DDoS Trojan is used to hijack Linux servers to build a botnet for distributed denial-of-service attacks with SYN and DNS floods, researchers tracking the malware said. The massive Linux-based botnet can take down websites under a flood of DDoS traffic.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
What Goes Around Comes Around: Russia Gets Hacked
September 23, 2015
Russia has been a prime suspect in recent cyberattacks against U.S. government targets. However, Russia has been poked with the other end of the hacker stick. For more than two months, hacker attacks originating in China have bedeviled Russia's military and telecom sectors, Proofpoint researchers have revealed. Russian-speaking analysts working at global financial firms also have been attacked.
Malware Jumps Apple's Garden Wall
September 22, 2015
Developers who unknowingly used a malicious tool to code their programs uploaded hundreds of malware-infected apps to the iTunes App Store, China-based iOS developers reportedly discovered last week. Security researchers around the world have analyzed it. Called "XcodeGhost," the malware is hidden in an unauthorized version of a program Apple distributes to create iOS apps.
An Insider Betrayed Ashley Madison - Go Figure
September 4, 2015
When the giant data breach at infidelity website Ashley Madison made headlines last month, the CEO of the site's owner was quick to claim the caper was an inside job. He had the attacker's profile and work credentials, Avid Life Media's CEO Noel Biderman told ace cybersecurity blogger Brian Krebs. Though not an employee, the individual had accessed the company's technical services.
KeyRaider Malware Busts iPhone Jailbreakers
September 3, 2015
Data-robbing malicious software dubbed "KeyRaider" has stolen more than 225,000 valid Apple accounts and thousands of certificates, private keys and purchasing receipts, Palo Alto Networks' Unit 42 reported last week. The firm identified the malware in cooperation with WeipTech, which found the accounts on a server while it was analyzing suspicious user-reported iOS tweaks.
Qualcomm Sics Fire-Breathing Snapdragon on Android Hackers
September 1, 2015
Qualcomm on Monday announced Snapdragon Smart Protect, a hardware-software product that could make the world a safer place for Android smartphone users. Snapdragon Smart Protect, which will become available with Qualcomm's upcoming Snapdragon 820 processor, will provide real-time, on-device machine learning designed to support accurate and effective detection of zero-day malware threats.
Malvertising Headache Swells to Migraine Proportions
August 26, 2015
Online advertising that pushes malicious software to consumers has increased 325 percent over the past year, Cyphort Labs reported Tuesday. Malvertising is adding to what is already a significant problem for online advertisers. Ad fraud will cost global advertisers more than $6 billion this year, according to the Association of National Advertisers.
Mozilla Plugs Dangerous Firefox Zero-Day Hole
August 10, 2015
Mozilla on Friday released security updates to fix a zero-day flaw in the Firefox browser. An exploit that searches for sensitive files and uploads them to a server -- possibly somewhere in Ukraine -- has surfaced in an ad on a Russian news site, Mozilla reported last week. The exploit impacts Windows and Linux users. Mac users could be hit by a modified version.
OS X Zero-Day Exploit Threatens Massive Mac Attack
August 4, 2015
Mac users, beware -- the ads you see on the Web could let hackers hijack your device. Malwarebytes has discovered a new zero-day exploit in OS X that lets apps bypass passwords during installation to get root permission through a Unix shell. A new adware installer downloaded by a Malwarebytes researcher modified his sudoers file -- a hidden Unix file that controls access to root permissions.
Malvertisers Poison Yahoo's Ad Network
August 4, 2015
Yahoo's ad network suffered an attack that lasted for almost a week, Malwarebytes reported mid-day Monday. Malwarebytes earlier notified Yahoo of the attacks, which began July 28. Yahoo had stopped them by the time the report was published. The attackers used the Angler Exploit Kit, described as highly sophisticated, to redirect visitors to ad sites on two Microsoft Azure domains.
Swipes, Taps and Cursor Movements Can Foil Cyberthieves
July 16, 2015
Swipes, taps, cursor movements and other ways of interacting with electronic devices can be used to protect online merchants from Net fraudsters. Many people are familiar with biometric authenticators like irises, fingerprints and voices, but it turns out that how we behave with our machines, including typing speed and the use of keyboard shortcuts, can authenticate our identities, too.
Feds Deliver Darkode's Doomsday
July 16, 2015
United States law enforcement agencies and their counterparts in 19 countries on Wednesday announced they had dismantled the Darkode hackers' forum. Charges, arrests and searches were launched against 70 Darkode members and associates around the world, and 12 people associated with the forum were indicted in the U.S. The agencies also served several search warrants in the U.S.
Gunpoder Malware Masquerades as Lesser Evil
July 9, 2015
Palo Alto Networks' Unit 42 team on Tuesday published a report on Gunpoder, a family of Android malware that can evade detection scans by pretending to be adware. Cong Zheng and Zhi Xu authored the report. The team discovered the new Android malware last November. Its new report aims to spur cooperation within the security community to mount defenses against the threat.
Security Pros Shine Light on Shadowy Cyberspy Ring
July 8, 2015
A highly sophisticated group of hackers who use cutting-edge techniques to shield their attacks from detection has been bedeviling corporations around the world for several years. The group, which Symantec dubbed "Morpho" and Kaspersky Lab calls "Wild Neutron," has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
Hacking Team's Dingy Laundry Hung Out Online
July 6, 2015
Fireworks of a different kind rocked the security world this Fourth of July weekend, when news surfaced that hackers breached Hacking Team, an Italy-based firm that develops malware for governments and law enforcement. The attackers reportedly exposed 400 GB of data stolen from its servers. "It appears [Hacking Team] were compromised through social engineering, said Bugcrowd's Jonathan Cran.
New Android Malware Sprouting Like Weeds
July 1, 2015
Information stored on an Android smartphone or tablet is vulnerable to almost 4,900 new malware files each day, according to a report G Data SecurityLabs released Wednesday. Cybercriminals' interest in the Android operating system has grown, the firm's Q1 2015 Mobile Malware Report revealed. The number of new malware samples in the first quarter increased 6.4 percent.
US, Brit Spooks Bedevil Security Software
June 24, 2015
The United States' National Security Agency and the UK's Government Communications Headquarters reportedly have been attacking antivirus and other security software since at least 2008. The aim is to infiltrate networks and track users. The agencies apparently have reverse-engineered security and antivirus software, sometimes under dubious legal authority.
Routers Becoming Juicy Targets for Hackers
June 18, 2015
Most consumers pay as much attention to routers as they do to doorknobs. That's not the case with Net marauders. They're finding the devices ripe targets for mischief. "We've seen a big increase in malware designed for home routers," said Incapsula researcher Ofer Gayer. "Every week, we see a new vulnerability in a vendor's routers," he said. "They're low-hanging fruit if you're a hacker."
Duqu 2.0 Makes Other Malware Look Clunky
June 12, 2015
Duqu 2.0 may have just snatched the title of "most sophisticated malware ever," according to Kaspersky Lab, which published a report on the new threat this week. Kaspersky discovered Duqu 2.0 after the malware penetrated its own internal networks. "The philosophy and way of thinking of the Duqu 2.0 group is a generation ahead of anything seen in the APT world," said Kaspersky's Kurt Baumgartner.
The Painful Persistence of Ad Injections
June 1, 2015
Some of those annoying ads that pop up when you visit a site on the Web or do a search may be served up by, for want of a better word, "hijackers." They use binaries, extensions, or network ISPs to modify a page's content to insert or replace ads with or without the user's consent. It's called "ad injection," and the problem is extensive. The problem begins with software infecting users' browsers.
No Wrongdoing at NCIS, Says Defense Watchdog
May 28, 2015
The U.S. Department of Defense's Inspector General has rejected allegations that the Naval Criminal Investigative Service engaged in questionable domestic intelligence activity. The finding concluded a DoD IG probe spurred by allegations that NCIS was making available to military intelligence agencies its Law Enforcement Information Exchange, a database of 506.3 million law enforcement records.

See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS
Do you want to live in an Internet-connected home?
Yes -- I have some smart things, and I want more.
Yes -- I'm looking forward to all the conveniences.
Not sure -- I have security and privacy concerns.
No -- the technology isn't good enough yet.
No -- it's a ridiculous waste of money.