Emerging Threats

Take mobile defense seriously

Jonathan Cattell, solutions manager, Airwide Solutions March 01, 2011

There is no doubt that data security and privacy concerns have almost completely migrated to the mobile channel.
 

Hired Guns: What's in the name CyberPMC or CyberPSC?

Charles Jeter, ESET cybercrime investigator January 10, 2011

In 2011 and the new age of cyberwarfare, what differentiates a military corporation from a security corporation? Are you now working in a cyberwarfare capacity? If so, what restrictions on global trade should CIOs be concerned with?
 

Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade

Derek Manky, project manager, Fortinet Fortiguard Labs November 15, 2010

As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.
 

Storm Worm making comeback with new spam run

April 28, 2010

Researchers at CA say they have detected a new variant of the Storm Worm, the infamous botnet best known for its spam-producing abilities, but which was effectively killed off more than a year ago.
 

Web fraud losses more than double in 2009, says report

March 15, 2010

Losses related to cybercrime more than doubled from 2008 to last year, according to a report from the Internet Crime Complaint Center (IC3)
 

Microsoft discloses zero-day IE flaw used in China attacks

January 14, 2010

The organized and well-resourced cybercriminals who compromised systems at Google, Adobe and more than 30 other large companies used a previously unknown, zero-day Internet Explorer exploit as part of their arsenal to install data-stealing malware on target machines, researchers at McAfee revealed Thursday.
 

Encryption protecting most mobile phones cracked

December 29, 2009

With a few thousand dollars and widely available open-source tools, the encryption algorithm used to protect most cell phone communications can be cracked, allowing an attacker to listen in on phone calls, researchers revealed Sunday at a security conference.
 

Serious vulnerability in SSL discovered

November 05, 2009

A newly discovered SSL flaw could allow an attacker to launch a man-in-the-middle attack and intercept an SSL-protected session, according to researchers.
 

BlackBerry snooping application released

October 29, 2009

A snooping application, called PhoneSnoop, allows an attacker to remotely activate a BlackBerry microphone and listen in on surrounding conversations.
 

Report: Cyberdeterrence may be unwise military strategy

October 09, 2009

A new report suggests that, instead of threatening retaliatory attacks to deter cyberwar, the U.S. military should employ more diplomatic strategies.
 

Black Hat: Clampi banking trojan spreading rapidly

July 30, 2009

A newly revealed banking trojan is considered one of the biggest threats on the internet because of the way it can quickly spread.
 

New BIND 9 DNS flaw is worse than Kaminsky's

July 29, 2009

A flaw in all versions of BIND 9 reportedly being widely exploited has the potential to cause widespread damage if it goes unpatched, security experts said.
 

Industry group releases software integrity framework

July 21, 2009

Not enough emphasis is placed on the integrity of software, according to a software assurance group, which hopes to change that mentality with a new framework.
 

"Harry Potter" malware hits

July 17, 2009

Hackers are leveraging the popularity of a summer blockbuster to dish out malware, according to anti-virus provider ThreatFire. Links related to the new "Harry Potter" movie are popping up across the web, especially on sites such as Digg.com and Blogspot.com, the company said Thursday in a blog post. If users follow the link, they are brought to a site claiming to offer a video of the movie but actually tries to get them to install a host of malware, including the Koobface worm and rogue anti-virus programs. — DK
 

Black Hat topics include hacking parking meters, social networks

June 19, 2009

Researchers are set to discuss a wide range of topics at the annual Black Hat conference.
 

"Nine-Ball" mass injection attack compromised 40,000 sites

June 17, 2009

A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites that are now infecting users with an information-stealing trojan, according to security vendor Websense.
 

Cybercriminals targeting Twitter "trending topics"

June 04, 2009

Cybercriminals are using Twitter to propagate malicious links in an attack that's easier to mount than black-hat search-engine optimization (SEO), according to PandaLabs.
 

Google rates Gumblar distribution URL as top malware site

June 04, 2009

The URL hosting the Gumblar attack, which has compromised thousands of legitimate websites with code that silently redirects users to a single Chinese domain, heads its list of Top 10 malware sites, according to Google.
 

The many morphs of a phishing/malware scam

June 03, 2009

A new attack targeting Outlook users has morphed from trying to retrieve login credentials to attempting to infect users with fake anti-virus products.
 

Twitter hit with rogue anti-virus scams

June 02, 2009

Users of popular blogging platform Twitter fell victim this past week to a scareware scam.
 

Hackers hit U.S. Army websites

June 01, 2009

A group of computer hackers based in Turkey breached the sites of two U.S. Army facilities, leveraging SQL injection attacks.
 

"Beladen" website compromises cropping up

June 01, 2009

A mass injection attack similar but unrelated to Gumblar has infected more than 40,000 websites, according to new research from Websense.
 

New Windows zero-day

May 28, 2009

Microsoft on Thursday issued a security advisory for a new vulnerability in DirectX, used on Windows to enable graphics and sound, that could enable a remote hacker to execute arbitrary code if users open specially crafted QuickTime files. Microsoft said that it was aware of active attacks using exploit code for the vulnerability. Windows 2000 (SP4), Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not. — CAM
 

Setting cybersecurity as a national priority is just the beginning

May 27, 2009

A review of federal cybersecurity policies, scheduled for release Friday, will serve as a call to action for the public and private sectors.
 

Fed cyber-review out Friday

May 26, 2009

White House spokesman Robert Gibbs announced Tuesday that President Obama will release the highly anticipated 60-day review of federal government cybersecurity initiatives on Friday. The report was developed by Melissa Hathaway, who started investigating federal cybersecurity infrastructure and policies during February, and delivered the finished document in April. Gibbs called the report is an important first step toward securing the nation's cyberinfrastructure. — CAM
 

New cyberattack technologies developed for U.S. military

May 26, 2009

The U.S. military is developing and testing several new offensive and defense cyberdevices, including a system that would enable non-expert military personnel to launch a cyberattack, a defense and aerospace industry publication reported last week.
 

Experts offer tips to deal with Gumblar malware

May 21, 2009

A number of security organizations are offering tips to deal with the Gumblar drive-by exploit, which is growing ever more pervasive.
 

Website risks highlighted in two new studies

May 18, 2009

Two reports released this week confirmed the tidal shift in the type of websites into which cybercriminals are injecting malware.
 

Study: Majority of adolescents online have tried hacking

May 15, 2009

A new study from Panda Security found that 67 percent of teenagers surveyed admitted to having tried to hack into friends' instant messaging or social network accounts.
 

Mac worm poses little risk, represents cross-platform innovation

May 05, 2009

A recently discovered Macintosh worm, known as OSX/Tored.A, remains a low-risk threat but is an indication that malware authors are not turning a blind eye to the Apple platform, researchers said Tuesday.
 
Powered by Disqus
Popular Topics
Android Anonymous Application Security Breaches & Exposures Data Breaches DNS Education Finance Government Hackers Hacktivism Health Care Insider Threat Lawbreakers & Cybercrime Lawsuit Legislation LulzSec Malware Mobile Applications Mobile Devices Phishing Privacy Rootkits SC Awards 2012 Trojans