Malware

Hot on the heels of hackers stealing celebrities' nude photos from their iCloud accounts and posting them on the Web comes news that iCloud users are being targeted again -- this time by a botnet. The Kelihos botnet is sending emails purporting to be from Apple, informing targets they have purchased...

If you want to see an IT pro twitch, bring up Shadow IT in a conversation. "Shadow IT" is a term applied to technology deployed by an organization's users outside the purview of the IT department. It's bothersome to system shepherds because it can open up an organization to data leakages. It's also ...

SPOTLIGHT ON SECURITY

Hacker Attacks on Healthcare Providers Jump 600 Percent

The recent data breach at Community Health Systems, in which Chinese hackers stole the personal information of 4.3 million patients, was another sign of a disturbing trend that security researchers at Websense have been observing for months: Healthcare providers are coming under cyberattack at an al...

Sony's PlayStation and Sony Entertainment networks were taken down over the weekend by a distributed denial of service, or DDoS, attack. The hackers, who call themselves the "Lizard Squad," also forced authorities to divert a plane Sony Entertainment president was on by tweeting that there might be ...

In a move influenced by Edward Snowden's revelations about the NSA's email snooping, Yahoo and Google last week announced that they were cooperating on end-to-end encrypting their webmail products. "We will release source code this fall so that the open source community can help us refine the experi...

EXPERT ADVICE

Mobile App Attacks: No Malware, No Problem

Traditional attack methods, like those used with the recent mobile online banking Trojan Svpeng, involve the installation of malware on the device to steal information and commit fraud. However, new techniques are emerging that would enable an attacker to compromise a device and steal private inform...

SPOTLIGHT ON SECURITY

Retailers Harassed by Backoff Malware

The U.S. Department of Homeland Security last week sounded an alarm warning retailers of a family of malicious programs aimed at compromising point-of-sale systems. Attackers used such software last year in massive data breaches that nicked millions of consumer records at Target and Nieman Marcus. V...

USB flash drives could be at risk of a pernicious attack on their firmware. Over the past two decades, USB devices, aka "thumb drives," have proliferated all over the world, because USB has proven to be a versatile standard. That versatility, though, also makes USB devices vulnerable to what could b...

An Android vulnerability that exists in every version from v2.1 Eclair to v. 4.3 Jelly Bean could expose millions of users, Bluebox Security has warned. The flaw lets attackers fake the certificates of specially privileged parties, such as Adobe and Google Wallet, and serve them up with malware that...

The Gameover botnet is back, more or less, only six weeks or so after the Justice Department announced that an FBI-led multinational effort had disrupted it. Still, the botnet's downtime was longer than expected -- the UK's National Crime Agency had warned that the people running it would regain con...

SPOTLIGHT ON SECURITY

Windows XP Hacked, Supply Chain Poisoned

A supply chain compromise is a security pro's worst nightmare. The thought of malware being planted on computer devices before they leave the factory sends shivers down a cyberdefender's spine. A disturbing case of such poisoning was reported last week by researchers at TrapX. The researchers found ...

Google on Tuesday announced Project Zero, an effort to speed up the security bug-fixing process. A team of cybersecurity experts will go after vulnerabilities in any and all software, notify the vendors, and then file bug reports in a public database. The Project Zero team has promised to send bug r...

It's a given that hackers can and do penetrate websites with laughable ease, ranging from those of retailers to those of the United States government. It certainly doesn't help the security-minded to know that the U.S. National Security Agency and other countries' spy agencies, including the UK's GC...

Companies providing the world's critical infrastructure are woefully unprepared for cyberattacks despite the increasing threat level, evidenced by the release of the Stuxnet worm and the Shamoon virus in recent years, a survey conducted jointly by the Ponemon Institute and Unisys has found. Nearly 7...

Nearly one-third of the world's computers could be infected with malware, suggests a report released last week by the Anti-Phishing Working Group. Malicious apps invaded 32.77 percent of the world's computers, a more than 4 percent jump from the previous quarter's 28.39 percent, the report estimates...

Technewsworld Channels