OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Report: Malware Poisons One-Third of World's Computers
July 09, 2014
Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, it estimates. The increase in infected computers has come hand-in-hand with a jump in the appearance of malware samples.
Dragonfly Swoops Down on Energy Firms
July 01, 2014
The energy industry in the United States and Europe is being targeted by a cybercriminal gang that's suspected of being state-sponsored and has links to Russia. Known variously as "Dragonfly" and "Energetic Bear," the group has been operating at least since 2011. Its focus appears to be espionage and persistent access, with a side dish of sabotage as required, Symantec said.
To Pay or Not to Pay - That's the Ransomware Question
June 24, 2014
Ransomware is a growing problem for consumers and businesses alike. In Symantec's most recent quarterly security report, the company's researchers found all targeted attacks -- including ransomware -- grew 91 percent year-over-year. That's raising a big question for those targeted by cyberextortionists: Should the ransom be paid? Security experts generally say no, but some insert a caveat or two.
Heartbleed Flaw Goes Unpatched on 300K Servers: Report
June 23, 2014
Two months after the Heartbleed vulnerability sent frissons of fear down the spines of IT managers everywhere, 300,000 servers still remain vulnerable, Errata Security said. When the flaw was announced in April, Errata found 600,000 servers vulnerable. "The norm is to do no patches at all for some systems, no matter how easy it is to patch," said Errata CEO Robert Graham.
Researchers Find Android Security on Par With iOS
June 18, 2014
The open source mobile operating system Android long has been considered by security experts to be the mobile OS most vulnerable to security threats, but iOS is just as vulnerable. However, the two OSes expose users to different types of threats. The perceived greater security of iOS rests on Apple's control of app distribution rather than on any inherent superiority of the OS over Android.
5 Myths of Virtualization Security: You May Be More Vulnerable Than You Think
June 11, 2014
Businesses increasingly are relying on virtual machines to handle more critical data and tasks than ever before. The reality is that virtualization is growing as a platform for managing customer data, financial transactions and the applications that businesses use. Simply put, virtualization is a core component of today's mission-critical IT infrastructure.
Cupid Fires Arrow at OpenSSL's Heart
June 10, 2014
As if the discovery of the Heartbleed flaw weren't enough woe for OpenSSL, more than half a dozen additional defects have been discovered in the code used to protect communication on the Web. Among them is one dubbed "Cupid" by its discoverers. The flaw can be used to compromise enterprise networks. Like Heartbleed, Cupid uses a malicious heartbeat packet to compromise a TLS connection.
US-Led Posse Scatters GameOver Zeus Botnet
June 04, 2014
A worldwide operation led by the U.S. involving law enforcement, private sector cybersecurity firms and software vendors has disrupted the GameOver Zeus botnet for now. The U.S. also has filed criminal charges in Pittsburgh, Penn., and Omaha, Neb., against Russian national Evgeniy Mikhailovich Bogachev, and has charged a number of other suspects in the Russian Federation and the Ukraine.
Spammers Quick to Exploit eBay Breach
June 03, 2014
If you're a spammer, big news like the recent breach of eBay's computers is like striking oil in your back yard. Spammers live for headline-grabbing events that they can use to separate gullible Web wanderers from their money, so the eBay breach is a perfect vehicle for a scam. In this case, they try to convince recipients their eBay credentials could be used to give them a criminal record.
Heartbleed-Weary Tech Firms Show OpenSSL a Little Love
May 30, 2014
Remember Heartbleed? Several weeks ago, the exposure of this security bug chilled the Internet, highlighting once again that even the seemingly unbreakable can be hacked. In the case of the Heartbleed vulnerability, encrypted data was at risk of theft. Sites potentially vulnerable to Heartbleed -- from Canada's Revenue Agency to AWS to Yahoo to Reddit -- urged users to change their passwords.
Con Artist Harasses Aussie Apple Customers in Ransomware Attempt
May 28, 2014
Apple on Tuesday aimed to calm anxiety among its iCloud users with reassurances that the service hadn't been breached in a ransomware-style attack. "Apple takes security very seriously and iCloud was not compromised during this incident," reads a company statement. The referenced "incident" is a collection of reports on Apple forums by iPhone users, most of them in Australia.
Chinese Media: Cisco Is Playing on US Cyberspy Team
May 28, 2014
Cisco has been accused of being in bed with U.S. cyberspying efforts, according to a Chinese state media outlet. Cisco "carries on intimately" with U.S. spying apparatuses, the outlet claims, and plays "a disgraceful role" in efforts to prop up U.S. power over the Web. Cisco denied the accusations. Beijing definitely seems to have taken umbrage with last week's U.S. indictments for cyberespionage.
Ransomware Gang Targets Android Phones
May 13, 2014
The Reveton Gang is at it again. This time, though, they're targeting users of Android phones -- typically visitors to porn sites. The gang that pioneered the idea of locking up a target's computer and demanding a ransom to unlock it has turned its attention to the rapidly growing mobile market. Once Reveton mobile infects a phone, it will display a bogus warning.
White House Opens Heart About Vulnerabilities
April 30, 2014
Smarting from speculation that the U.S. intelligence community hoarded knowledge about the Heartbleed bug that's placed millions of servers and devices that access the Internet at risk, the White House Tuesday gave the public some insight into how it decides to release information about computer vulnerabilities. Disclosing them is usually in the national interest, it said.
Clandestine Fox Nips at Explorer's Heels
April 28, 2014
Microsoft's Internet Explorer Web browser has a flaw that allows hackers to commandeer control of computers, FireEye reported Saturday. Although the never-seen-before vulnerability can be found in all versions of the browser, hackers are targeting IE versions 9 through 11, according to a blog post by the three security researchers who made the discovery.
Banking Trojan Enters Mobiles via Facebook
April 21, 2014
Purveyors of a notorious mobile banking Trojan have started targeting Facebook users to infect Android smartphones. The Net predators use a desktop Trojan to leverage a Facebook socializer to install banking malware on their phone, ESET malware researcher Jean-Ian Boutin discovered last week. The desktop bad app, Win32/Qadars, waits for an infected machine to open a Facebook page.
Heartbleed's Never-Ending Drip, Drip, Drip
April 21, 2014
The Heartbleed vulnerability in OpenSSL has sent just about everyone who uses the Web for fun or profit gibbering madly in search of a solution, creating fertile ground for spammers, scammers and marketing types. Canada is in an uproar following a disclosure by the Canada Revenue Agency that a hacker had exploited Heartbleed to steal about 900 social insurance numbers from it over a six-hour span.
FOSS Community Hustles to Fix Gaping Heartbleed Flaw
April 08, 2014
A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google's Neel Mehta, tested some of its own services and found it could steal "the secret keys used for our X.509 certificates, user names and passwords" and more.
XP Users Have a Bad Headache Coming On
April 07, 2014
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday. As a last resort, Microsoft is offering custom support for Windows XP as a temporary stopgap. That could cost as much as $200 per PC per year, Gartner estimated. The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
Americans Distrust Tech Companies
April 07, 2014
The steady stream of reports on government surveillance of Americans has taken a toll on the image of high-tech companies, according to a Harris poll. More than two-thirds of Americans -- 67 percent -- feel technology companies violate their users' trust by helping the government spy on its citizens, suggests the poll of 2,000 consumers, which was sponsored by ESET.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
Clock Counting Down on Windows XP Support
April 01, 2014
As Microsoft prepares to cut off support for Windows XP, hackers are sharpening their knives in anticipation of carving up the operating system's carcass. Web predators will pounce on XP 10 minutes after Microsoft pulls the support plug on the software, predicted one former military computer specialist and network engineer. Indeed, it appears that information highwaymen are stockpiling ammunition.
Report: NSA Listens to International Calls From the Past
March 19, 2014
The National Security Agency reportedly possesses a system that enables it to record telephone calls -- all telephone calls -- in a foreign country, and review conversations for up to a month after they took place. The system is said to be akin to a time machine, allowing for retroactive snooping on foreign targets. Billions of calls are stored in a 30-day rolling buffer.
NSA Deploys Botnet Armies, Spoofs Facebook
March 13, 2014
The latest revelations about NSA surveillance indicate the agency could infect millons of computers with malware, and has spoofed Facebook servers to capture traffic from targets. "It is not surprising that the NSA would create and deploy malware," said CDT's Harley Geiger. "What is surprising is the evidence the NSA is prepared to do so on a scale that could affect millions of computers."

See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS