Make in-app payments easy and secure with Apple Pay. Click here to see how.
Welcome Guest | Sign In
Heavy Attacks Expected as Microsoft Scrambles to Fix IE Flaw
September 18, 2013
Microsoft revealed Tuesday it was investigating a previously unknown security flaw affecting all versions of its IE Web browser. Hackers have attempted to exploit the vulnerability in targeted attacks on users of versions 8 and 9, it reported in a security advisory. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code," the advisory says.
Web App Firewalls Blunt Attacks
September 16, 2013
Web applications have become attractive targets for hackers because they allow bad actors to maximize the reach of their mischief with a minimum of effort. That's what originally attracted the Internet underworld to programs like Windows and Adobe Acrobat, and it's what continues to attract them to Java. A vulnerability in one of those programs can be exploited in millions of machines.
Needle in a Haystack: Harnessing Big Data for Security
September 14, 2013
The combination of the polymorphic nature of malware, failure of signature-based security tools, and massive amounts of data and traffic flowing in and out of enterprise networks is making threat management using traditional approaches virtually impossible. Until now, security has been based largely on the opinions of researchers who investigate attacks.
No End to the Headaches Endpoints Give System Defenders
September 03, 2013
If there's one attack surface that's attracting growing attention from digital marauders, it's a system's endpoints. With the proliferation of BYOD, securing connections can be a defender's nightmare. Endpoints have an allure for attackers because they offer multiple attack vectors, such as social engineering attacks, spearphishing, USB infection, and compromise of WiFi networks and routers.
UK Detains Partner of Leak-Publishing Journalist
August 19, 2013
The partner of Glenn Greenwald, the journalist with The Guardian who has published a slew of articles detailing National Security Agency surveillance programs, was detained for nearly nine hours Sunday at London's Heathrow Airport. Greenwald's partner, David Miranda, was en route from Berlin to his home in Rio de Janeiro when he was stopped by officers at just after 8:00 a.m.
Who's Afraid of Linux Malware?
August 19, 2013
There once was a time when Windows users could feel relatively safe and secure as they made their online excursions around the World Wide Web. Those days ended relatively quickly, of course, followed soon afterwards by a similar waning of confidence on the Mac side. For those of us who prefer Linux, however, the Age of Innocence -- as one might call it -- has lasted much longer.
Major US Media Succumb to Unsophisticated Syrian Hack Attacks
August 16, 2013
The Syrian Electronic Army on Thursday claimed credit for hack attacks that took control of portions of a handful of major U.S. news sites via an article-recommendation service they all use. SEA reportedly gained control of them by entering an administration portal for Outbrain and inserting links in some of the recommended articles at the bottom of the Web page, thereby redirecting readers to its own site.
FBI Attack on Child Porn Sites May Have Blown Tor Users' Cover
August 05, 2013
Ireland-based Freedom Hosting, which hosted several servers on the Tor Project's hidden network, has been taken down through a vulnerability in the Firefox browser -- and the FBI is widely suspected of being the attacker. The FBI reportedly is seeking to extradite Freedom Hosting's owner, Eric Eoin Marques, to the United States to face charges of running a huge child porn network.
5 Ways to Improve Your Privacy Online
July 30, 2013
It wasn't long after the Internet came into widespread use that online privacy became a growing concern. After all, anytime people are connected through their computers and sharing resources online, there's the potential for prying and abuse. Such concerns were compounded with the arrival of social networks, online banking and, of course, malware -- among other points of potential weakness.
Huawei Gets Anti-Porn Tech Right, UK Says
July 26, 2013
Britain is simultaneously investigating and praising Chinese telecommunication firm Huawei. OK, so the UK didn't out and compliment Huawei. Less than a week after British authorities launched a cybersecurity review of the company, however, Prime Minister David Cameron said that British telecommunications company TalkTalk had shown "great leadership" in implementing its online pornography filter.
Beijing's 'Water Army' Swamps Social Media
July 25, 2013
Long known for its out-and-out censorship, Beijing now appears to be filling Chinese social media with pro-government messages. The new tack was on full display after the Thursday indictment of fallen Communist Party member Bo Xilai, who was busted for corruption and abuse of power in 2012. While China's social media censors were surely working overtime, so too were its copywriters.
Google Play Misses Dangerous Apps at Border Control
July 23, 2013
Despite yeoman efforts by Google to close a critical hole in its Android mobile operating system that allows any app to be turned into a malicious Trojan, programs are still appearing in the company's Google Play store with the flaw. A number of apps containing the so-called MasterKey vulnerability were discovered by cybersecurity firm Bitdefender last week.
Google Sticks a Thumb in Android Security Dike
July 09, 2013
Lumbering like the old-school technology firms it sometimes derides, Google has finally issued a patch for a master key vulnerability in Android that Bluebox called to its attention back in February. "Is Google eating their own dog food?" asked Randy Abrams, a research director at NSS Labs. The vulnerability lets attackers modify Android apps into Trojan apps without breaking their APK signature.
Microsoft Woos Hackers with Bounties for Bugs
June 21, 2013
Following in the footsteps of rivals including Google and Mozilla, Microsoft this week hung a figurative "Wanted" sign in its Security Response Center offering rewards up to $100,000 for those who find vulnerabilities in its software. Specifically, the software giant announced three "Bug Bounty" programs in an effort to find and fix vulnerabilities in its software.
Hackers Find WordPress Easy Pickings
June 17, 2013
Adobe Reader and Oracle Java aren't alone in having a bull's eye painted on their code. WordPress also is becoming a popular target for Internet outlaws. It's quite a large target, too. About 18 percent of the sites on the Web -- about 60 million of them -- use WordPress. One reason WordPress is attracting hacker attention is that it's so easy to write plug-ins for it.
Cybersecurity Tops the Agenda in U.S.-China Weekend Talks
June 10, 2013
Among the issues on the agenda for the talks over the weekend between China's President Xi Jinping and U.S. President Obama were cybersecurity and attacks on U.S. targets by hackers based in China. "The technical means to validate true reduction in cyberoffense are not very good since the advantage belongs overwhelmingly to the attacker in cyberspace," noted FireEye CTO Ashar Aziz.
Microsoft, FBI Flatten Monster Botnet
June 07, 2013
A coalition comprising Microsoft, the FBI, and financial-industry and tech firms has taken out more than 1,400 botnets that used the Citadel Trojan to steal victims' online banking information and information about their identities. Microsoft filed a civil suit last week against 82 alleged botnet operators and cut communications between the botnets and millions of infected PCs they controlled.
China Jumps the Gun on Cybersecurity Talks
June 06, 2013
This coming weekend's cybersecurity talks may have already started. China's state-run newspaper ran an article claiming that the government has "mountains of data" proving it has been the victim cyberespionage at the hands of the United States. The report precedes the upcoming landmark meeting between Chinese president Xi Jinping and President Obama; cybersecurity is expected to be a key talking point.
Your iPhone Could Be Poisoned by Its Charger
June 04, 2013
Researchers at the Georgia Institute of Technology have developed a way to hack into iOS devices through a modified charger. Billy Lau, a research scientist at the institute, together with two Ph.D. students, will present a paper on it at Black Hat USA 2013. It took only 1 minute for an iOS device to be compromised after being plugged into a malicious charger.
A New Approach for Blocking Zero-Day Threats
May 18, 2013
Cybercriminals use zero-day and unpatched application vulnerabilities to install data-stealing malware on corporate endpoints because these are -- and will continue to be -- an issue with virtually all software applications. Zero-day exploits that take advantage of unknown vulnerabilities are the hardest to defend.
The Real Mozilla Stands Up to Firefox-Cloaked Spyware
May 02, 2013
Mozilla, the creator of the Firefox browser, has sent a cease-and-desist letter to Gamma International, a German company that sells spyware to governments and law enforcement agencies. The move was a reaction to the news that a booby-trapped Microsoft Word document -- sent out for upcoming Malaysian elections -- embeds a copy of Gamma's FinSpy spyware that masquerades as a Firefox executable.
Report: Criminals Put a Bull's-eye on Web Infrastructure
April 29, 2013
Cybercriminals have begun focusing their malicious endeavors on the sinew of the Internet to reap greater rewards. For months now, Net bandits have targeted key infrastructure elements -- from the domain-naming service to certificate-issuing authorities to hosting services -- in order to spread cash-producing malware. "They're going after the infrastructure of the Internet," said Dave Jevans, chairman of Marble Security.
Bing Tops Google in Malware-Ridden Search Results
April 13, 2013
Bing may be engaged in a "Scroogled" marketing campaign, but an 18-month study by an antivirus security firm shows that Microsoft's search engine may need to play some defense, thanks to results showing more malware-infected links popping up in its search results than for Google.
Yontoo Trojan Unleashes Adware Assault on Mac Browsers
March 21, 2013
New malware is making the rounds with Mac users in its sights: Yontoo.1 can download and install an adware browser plug-in to an infected system. Adware for Mac OS X has been increasing since the beginning of this year, according to Doctor Web, the antivirus company that identified Yontoo.1, but so far it is the most prominent of them all.

See More Articles in Malware Section >>
Facebook Twitter LinkedIn Google+ RSS