May 07, 2013
One of the masterminds behind the pernicious SpyEye banking trojan has been extradited to the United States, where he will face charges for computer and wire fraud.
According to reports, the compromised page, for the Site Exposure Matrices (SEM), has been cleaned, but it remains offline.
In this month's debate, experts discuss whether advanced malware is still a persistent challenge after administrator rights are removed.
May 01, 2013
For our May issue's "threat of the month," we focused on pdf.exe.zip files, an old-style email executable attachment attack.
The trojan carries out a one-time password scam. Researchers who studied the new malware strain, affecting U.K. bank customers, said they are fascinated by the attention to detail the fraudsters applied to the ruse.
The Travnet botnet uploads Microsoft Office files, PDFs and text files to remote servers run by attackers.
April 23, 2013
In addition to the exploit, which leverages a recently patched bug, a researcher has discovered a fresh vulnerability in the newly minted version of Java SE.
Despite the arrests of Gozi ringleaders, the banking trojan still persists and is behind thousands of new infections in the United States.
Attackers wanting to compromise apps in Google's official store leveraged an advertising network to foist their malware on unsuspecting victims.
Spam campaigns are sending out spurious emails purporting to be from Facebook, LinkedIn, American Airlines and financial institutions, McAfee researchers found.
Client-side, web-based threats are beginning to overtake malware mainstays such as Conficker, according to a Microsoft report.
A trojan that uses a "magical" authentication code to communicate with its command-and-control server has compromised thousands of organizations around the globe. So far, however, it has remained largely silent.
As expected, the web's unscrupulous element is taking advantage of the attention surrounding the Boston Marathon bombings to spread malware and trick people into donating to fake causes.
Symantec's annual "Internet Security Threat Report 2013" concentrated on the success attackers are attaining by sabotaging legitimate websites.
German research institute AV-TEST conducted the study over a period of 18 months.
April 12, 2013
The "PlaneSploit" application was three years in the making, and is able to remotely attack flight management systems, though the program was built to only work on virtual aircraft.
Fortinet researchers have tracked 100,000 new ZeroAccess trojan infections per week, making the botnet very lucrative to its owners.
Attackers use phishing emails, which include links to a fake Adobe Flash update, to lure victims into installing the Stels trojan.
Law enforcement in Russia and Ukraine have dealt a major blow to a prolific banking malware operation.
April 03, 2013
No matter the industry, organizations are facing a flurry of sophisticated attacks, with the main goal being to hijack intellectual property, according to new findings from security firm FireEye.
New clues turned up by researchers at the University of Toronto show that an Android malware spy campaign appears to be the work of Chinese hackers, possibly with the assistance of the nation's government or a major corporation.
April 01, 2013
Espionage and fraud in cyber is not an armed conflict, says SystemExperts' Jonathan Gossels.
Are there ways to catch sophisticated malware that hides in trusted processes and services? Deb Radcliff finds out.
March 27, 2013
As the debate on the usefulness of anti-virus continues, recent research reveals that a majority of malware is delivered via web browsing, skirting AV along the way.
Security researchers have found evidence that, not surprisingly, social engineering tactics were leveraged by the attackers, who set their malware to "go off" three days after reaching victims.
March 22, 2013
The trojan was recently a topic of discussion on an underground Russian forum, researchers found.
Saboteurs are spreading the Yontoo trojan, which infects computers so they display certain advertisements to infected users.
Researchers at Symantec believe a trojan called "Jokra" was used in the attacks. Neighboring North Korea is considered a suspect, but there's no evidence suggesting it is to blame.
A worm detected on a school server at Salem State University caused a breach.
The Federal Trade Commission and the Better Business Bureau are alerting businesses about the new threat.