The most critical flaw could lead to the installation of the backdoor trojan Poison Ivy on victims' machines.
Security firms are analyzing a rare piece of data-stealing and web traffic-tracking malware that is able to spread onto virtual machines from the host operating system.
A Windows vulnerability that Microsoft patched back in April continues to be used in targeted attacks against political, industrial and defense organizations.
One of the world's largest spam botnets, responsible for as much as a third of all unwanted mail sent as recently as last week, is finally offline, according to security firm FireEye.
Three men who used the SpyEye trojan to break into online bank accounts have been sentenced to prison in the U.K.
Protesters in Syria wanting to overthrow the Assad regime are being targeted in government-backed espionage efforts.
Suspicions that the sophisticated espionage toolkit Flame was created by the same authors as Stuxnet are true, according to a published report.
Not surprisingly, malware writers have turned out an exploit for an Internet Explorer vulnerability patched last week by Microsoft. At least one site -- Amnesty International Hong Kong -- was hit.
June 01, 2012
The only way to gain the upper hand on today's advanced adversaries is by being proactive -- even aggressive, a tactic that can take many forms, says Joel Yonts, CISO of an automotive supply company.
Researchers at security firm F-Secure said this week they have spotted a malicious PDF making the rounds that opens a legitimate copy of the Games' schedule, but in the background it tries to connect to a malicious website.
With a July 9 deadline looming for machines infected with the DNSChanger trojan to still be able to access the internet, Google is lending a helping hand to inform users of compromise.
To further stop the spread of the Flashback trojan, Apple on Monday released two security updates for Mac OS X 10.5 (Leopard).
Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.
A new development in the criminal underground is to peddle trojans that steal credit card data from hotels.
Symantec analysis of the botnet shows that many computers remain compromised with the trojan, though hundreds of thousands have been cleaned, and the infrastructure contains a Twitter communication apparatus.
Apple has released a third update related to Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan, and disables Java by default.
A live exploit is making the rounds that takes advantage of a bug in Java, which has already been patched, but hasn't yet made its way to Mac OS X users.
Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.
The year's first variant of the notorius W32.Duqu, a trojan that seems intended for cyber war, has been discovered by Symantec researchers.
The exploit, which is being used in targeted attacks, arrives as an email that contains a Microsoft Word file and a separate DLL file, a rare combination considering DLL files are not typically sent over email.
Symantec is trying to call attention to 13 applications that have showed up in the official Android Market over concerns that they contain software development tools that enable the theft of data.
The self-regulating authority of Wall Street is warning securities firms about a rise in customers' email accounts being hacked to deliver bogus funds transfer requests.
Researchers warned Thursday that a recently patched vulnerability in Windows Media is being used by remote attackers to launch malware.
Eighty-five percent of all malware is web-based, and some 30,000 websites are newly infected with malicious code each day, according to Sophos' "Security Threat Report 2012."
With the Super Bowl less than two weeks away, Symantec researchers said Tuesday that have spotted a malicious application in unofficial Android markets claiming to offer a version of the popular video game Madden NFL 12.
Defense contractors appear to be the prime target of sophisticated malware that attempts to take advantage of an unpatched flaw in Adobe Reader and Acrobat software.
On Oct 20, just two days after researchers released details about the Duqu malware, its creators scrubbed all the files from their command-and-control servers in an effort to conceal their identity.
November 29, 2011
Mobile malware authors have skipped the rudimentary phase and are immediately creating threats that mimic complex malicious code common in the traditional PC environment. But defense technologies are countering with sophistication of their own.
November 29, 2011
A Georgia bank found a tool to protect financial transactions and payments...while meeting compliance demands, reports Greg Masters.
Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
