OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
LinuxInsider.com
Banking Trojan Enters Mobiles via Facebook
April 21, 2014
Purveyors of a notorious mobile banking Trojan have started targeting Facebook users to infect Android smartphones. The Net predators use a desktop Trojan to leverage a Facebook socializer to install banking malware on their phone, ESET malware researcher Jean-Ian Boutin discovered last week. The desktop bad app, Win32/Qadars, waits for an infected machine to open a Facebook page.
Heartbleed's Never-Ending Drip, Drip, Drip
April 21, 2014
The Heartbleed vulnerability in OpenSSL has sent just about everyone who uses the Web for fun or profit gibbering madly in search of a solution, creating fertile ground for spammers, scammers and marketing types. Canada is in an uproar following a disclosure by the Canada Revenue Agency that a hacker had exploited Heartbleed to steal about 900 social insurance numbers from it over a six-hour span.
FOSS Community Hustles to Fix Gaping Heartbleed Flaw
April 08, 2014
A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google's Neel Mehta, tested some of its own services and found it could steal "the secret keys used for our X.509 certificates, user names and passwords" and more.
XP Users Have a Bad Headache Coming On
April 07, 2014
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday. As a last resort, Microsoft is offering custom support for Windows XP as a temporary stopgap. That could cost as much as $200 per PC per year, Gartner estimated. The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
Americans Distrust Tech Companies
April 07, 2014
The steady stream of reports on government surveillance of Americans has taken a toll on the image of high-tech companies, according to a Harris poll. More than two-thirds of Americans -- 67 percent -- feel technology companies violate their users' trust by helping the government spy on its citizens, suggests the poll of 2,000 consumers, which was sponsored by ESET.
Yahoo Issues Security Sitrep
April 03, 2014
Yahoo has announced a new effort to upgrade its security, in the wake of a torrent of breaches and hacker attacks over recent months. Yahoo's plans include encryption of data in motion, enabling HTTPS encryption, and implementing the latest in security best practices, said Chief Information Security Officer Alex Stamos, who took over the job in March.
Clock Counting Down on Windows XP Support
April 01, 2014
As Microsoft prepares to cut off support for Windows XP, hackers are sharpening their knives in anticipation of carving up the operating system's carcass. Web predators will pounce on XP 10 minutes after Microsoft pulls the support plug on the software, predicted one former military computer specialist and network engineer. Indeed, it appears that information highwaymen are stockpiling ammunition.
Report: NSA Listens to International Calls From the Past
March 19, 2014
The National Security Agency reportedly possesses a system that enables it to record telephone calls -- all telephone calls -- in a foreign country, and review conversations for up to a month after they took place. The system is said to be akin to a time machine, allowing for retroactive snooping on foreign targets. Billions of calls are stored in a 30-day rolling buffer.
NSA Deploys Botnet Armies, Spoofs Facebook
March 13, 2014
The latest revelations about NSA surveillance indicate the agency could infect millons of computers with malware, and has spoofed Facebook servers to capture traffic from targets. "It is not surprising that the NSA would create and deploy malware," said CDT's Harley Geiger. "What is surprising is the evidence the NSA is prepared to do so on a scale that could affect millions of computers."
2013: A Perilous Year on the Internet
March 11, 2014
Surfing the Internet last year was a dangerous proposition. On average, 200 samples of malicious software were collected every minute by McAfee Labs, the company reported in its threat report for the Q4 2013. All kinds of Internet nastiness increased last year -- from ransomware and suspicious URLs to bogus digital certificates, master boot record attacks, and poisoned mobile apps, the firm said.
Bad Ads Outstrip Porn as Mobile Phone Infection Vectors
March 11, 2014
Trawling porn sites used to be the best way to pick up an electronically transmitted disease on your phone. That's changed. Every one in five times a mobile user is redirected to a malware site online, it's done through a malicious ad, according to a new report. That's three times what it was two years ago. One reason malicious ads have been able to outperform porn is they can get more traffic.
The Increasing Business Risk of Cloud Cyberattacks
March 10, 2014
It is hard to figure out which is growing at a faster pace -- movement to the cloud or cybercrime. Cybercrime is following the data to the cloud, according to reports, to find and steal cloud data of hotel records, credit card information, and maybe even corporate secrets and the client files of lawyers. The concept of managing data for business on a remote computer is actually 50 years old.
Security Firms Scour Mobile Apps
February 24, 2014
Security pros weren't very kind to mobile applications last week. A number of firms knocked apps produced for the smartphone market for all kinds of risky behaviors that could lead to trouble not only for mobile device owners, but also for their employers. While Android has been a poster child for misbehaving apps in the past, competitor Apple's apps aren't as pristine as is commonly believed.
Google Gets Spider.io to Take a Bite Out of Click-Fraud
February 24, 2014
Google on Friday announced its purchase of online ad fraud fighter Spider.io. It initially will include Spider's fraud detection technology in its video and display ad products. Over time, Google will incorporate Spider's iFramed ads view technology in its products. "This is an excellent move for Google," said Mukul Krishna, senior global director of digital media at Frost & Sullivan.
Kaspersky Details Sophisticated 'Mask' Robber Ops
February 11, 2014
Kaspersky Lab has released research findings on Careto, a malware toolkit that has hit more than 380 victims in 31 countries so far since 2007. "Careto" means "mask" in Spanish, Kaspersky notes. The word also could point to an ancient tradition incorporated into Portuguese and Brazilian Carnival festivals. Because they are so highly sophisticated, the attacks could be the work of a nation-state.
Careless, Reckless Staff Are Corporate Security's Biggest Threat
February 07, 2014
We have met the enemy and he is us. Pogo's philosophical observation perfectly describes the way IT and security professionals view their end users' attitude toward data security. An overwhelming 80 percent of corporate security professionals and IT administrators indicated in a recent survey that "end user carelessness" constituted the biggest security threat to their organizations.
Target Fiasco Shines Light on Supply Chain Attacks
February 03, 2014
The holiday data breach at Target was opened up with stolen credentials from a vendor in the company's supply chain, according to reports that surfaced last week. That kind of attack is getting more and more common these days. "About 80 percent of data breaches originate in the supply chain," said Torsten George, vice president of marketing for Agiliance.
IT Weaknesses Paved the Way for Target Hackers
January 30, 2014
The Target data breach exposed more than 100 million customers, riled up U.S. intelligence agencies, sparked a Justice Department investigation, involved the U.S. Department of Homeland Security and the FBI, triggered congressional hearings, and led several banks to re-issue their credit cards. The hacker has variously been identified as a 17-year-old Russian or one or more other cybercriminals.
Neiman Marcus Alerts Customers to Hack Attack
January 24, 2014
Neiman Marcus has announced that some 1.1-million customer credit and debit cards may have been exposed in a hack attack. The retailer was first alerted to the intrusion at the beginning of the year. It appears that "sophisticated, self-concealing malware" able to obtain payment card information was active in the company's systems between July 16 and Oct. 30, 2013, CEO Karen Katz said.
Bitcoin's Popularity Attracts Malware Writers
January 22, 2014
Most folks know the value of money, but few know the latest value of a Bitcoin, a virtual currency prone to wide price swings. Those swings haven't deterred those on the digital leading edge from speculating in the currency -- or bad app writers from plotting ways to steal it. "Bitcoins -- and indeed any digital property of any value -- will be a theft target," said Bitcoin developer Jeff Garzik.
Pentagon Wary of New Chinese Missile Vehicle
January 16, 2014
Last week, China's military took its new "ultra-high speed missile vehicle" -- or "hypersonic glide vehicle," if you prefer -- for its first test drive, raising eyebrows among U.S. defense officials. The hypersonic aircraft, capable of maneuvering at a mindboggling 10 times the speed of sound -- that's more than 7,500 miles per hour -- is designed to deliver warheads through U.S. missile defenses.
PowerLocker Takes Ransomware to a New Level
January 13, 2014
Up to now, the malware program CryptoLocker has been king of the ransomware roost, but PowerLocker may present a new challenge. "It has some interesting countermeasures to thwart researchers," said Harry Sverdlove, CTO of Bit9. Among those countermeasures are the ability to determine if it's running on a virtual machine -- and if so, to alter its behavior.
Malicious Ads Infect Thousands of European Yahoo Users
January 06, 2014
Certain advertisements on Yahoo's European website may have helped infect thousands of computers with malware. A Dutch computer security firm, Fox-IT, outed Yahoo last Friday, penning a blog post claiming that attackers had used ads.yahoo.com to insert malicious ads. Fox-IT was apparently on to something, because on Sunday, Yahoo admitted to hosting ads that didn't "meet our editorial guidelines."
Computer Pioneer, Subjected to Homophobic Prosecution, Pardoned by Queen
December 27, 2013
Alan Turing, a British man whose code-breaking prowess helped thwart Nazi Germany in World War II, was pardoned this week by Queen Elizabeth for his decades-old "crime." Turing was prosecuted in 1952 for "gross indecency" for having a sexual relationship with another man, a ruling that resulted in the loss of his security clearance and compulsory hormone treatment. Two years later, he died from cyanide poisoning in what was ruled a suicide.

See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS