Get up-to-the-minute news and opinions, plus access to a wide assortment of IT security resources that will keep you current and informed.

Keep me logged in Forgot your password?

Please wait...

Please wait...

 Trojans

Google to help rid PCs of trojan that will prevent web access

May 23, 2012

With a July 9 deadline looming for machines infected with the DNSChanger trojan to still be able to access the internet, Google is lending a helping hand to inform users of compromise.
 

More Mac security updates to extinguish Flashback trojan

May 15, 2012

To further stop the spread of the Flashback trojan, Apple on Monday released two security updates for Mac OS X 10.5 (Leopard).
 

Microsoft hands out more Duqu fixes despite prior patch

May 08, 2012

Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.
 

Trojan designed to take screenshots of hotel payment apps

April 19, 2012

A new development in the criminal underground is to peddle trojans that steal credit card data from hotels.
 

Roughly 140K Flashback-infected computers remain

April 17, 2012

Symantec analysis of the botnet shows that many computers remain compromised with the trojan, though hundreds of thousands have been cleaned, and the infrastructure contains a Twitter communication apparatus.
 

Third Apple Java update rids infections and turns off Java

April 13, 2012

Apple has released a third update related to Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan, and disables Java by default.
 

"Flashback" trojan targets Mac computers

April 02, 2012

A live exploit is making the rounds that takes advantage of a bug in Java, which has already been patched, but hasn't yet made its way to Mac OS X users.
 

Trojan targets Tibetan activist groups that use Macs

March 30, 2012

Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.
 

Duqu variant uncovered

March 23, 2012

The year's first variant of the notorius W32.Duqu, a trojan that seems intended for cyber war, has been discovered by Symantec researchers.
 

Trojan appears that leverages patched Microsoft Office flaw

February 09, 2012

The exploit, which is being used in targeted attacks, arrives as an email that contains a Microsoft Word file and a separate DLL file, a rare combination considering DLL files are not typically sent over email.
 

Google won't pull Android apps deemed malicious

January 31, 2012

Symantec is trying to call attention to 13 applications that have showed up in the official Android Market over concerns that they contain software development tools that enable the theft of data.
 

FINRA advises brokers to bulk up security

January 27, 2012

The self-regulating authority of Wall Street is warning securities firms about a rise in customers' email accounts being hacked to deliver bogus funds transfer requests.
 

Just-patched critical Microsoft bug under attack

January 26, 2012

Researchers warned Thursday that a recently patched vulnerability in Windows Media is being used by remote attackers to launch malware.
 

Study: BlackHole appears, Conficker remains

January 26, 2012

Eighty-five percent of all malware is web-based, and some 30,000 websites are newly infected with malicious code each day, according to Sophos' "Security Threat Report 2012."
 

Android app claims to be Madden 12 video game

January 24, 2012

With the Super Bowl less than two weeks away, Symantec researchers said Tuesday that have spotted a malicious application in unofficial Android markets claiming to offer a version of the popular video game Madden NFL 12.
 

Lockheed Martin hit, but not breached, with Adobe zero-day

December 08, 2011

Defense contractors appear to be the prime target of sophisticated malware that attempts to take advantage of an unpatched flaw in Adobe Reader and Acrobat software.
 

Duqu perpetrators wipe command servers of evidence

December 01, 2011

On Oct 20, just two days after researchers released details about the Duqu malware, its creators scrubbed all the files from their command-and-control servers in an effort to conceal their identity.
 

Preparing for mobile security emergencies

Lysa Myers, director of research, West Coast Labs November 29, 2011

Mobile malware authors have skipped the rudimentary phase and are immediately creating threats that mimic complex malicious code common in the traditional PC environment. But defense technologies are countering with sophistication of their own.
 

In the vault: The Coastal Bank and IronKey

November 29, 2011

A Georgia bank found a tool to protect financial transactions and payments...while meeting compliance demands, reports Greg Masters.
 

ACH debit transfer emails leading to malware

November 10, 2011

Attackers have been circulating a trojan via email messages with subjects such as "ACH payroll payment was not accepted by Central Trust and Savings Bank."
 

FBI arrests six in click-fraud cyber scam that netted $14M

November 09, 2011

A gang of Estonians is accused of infecting millions of computers, many in the United States, with DNS-changing trojans capable of manipulating the online advertising industry through clickjacking.
 

Part Two: Duqu: father, son, or unholy ghost of Stuxnet?

Jeremy Sparks, Robert M. Lee, and Paul Brandau, cyberspace officers November 09, 2011

Three U.S. Air Force information security experts, independent of their role in the military, studied the Duqu trojan, and you might be surprised by what they found. This is the second article in a two-part series that examines the sophisticated threat that everyone is talking about.
 

Microsoft releases four security patches, one critical

November 08, 2011

Microsoft on Tuesday patched one "critical" vulnerability, plus three other less-severe flaws. Not patched, as expected, is a bug related to the Duqu trojan.
 

Duqu trojan spreads through 0-day Microsoft bug

November 01, 2011

A piece of malware that has drawn comparisons to the notorious Stuxnet worm is using an unknown Windows kernel vulnerability to infect its targets.
 

Disgraced bike champ accused of cybercrime

October 26, 2011

Cyclist Floyd Landis, who was stripped of his Tour de France medal in 2006 following positive doping results, now faces arrest in France for his alleged involvement in planting a trojan on the computer network of the French national anti-doping laboratory (LNDD), which conducted the test. According to reports, French prosecutors said Landis and Arnie Baker, his coach at the time, employed a hacker at Kargus Consultants to plant the trojan in an attempt to steal documents from the lab for an appeals process they were pursuing. Kargus has also been suspected of breaking into Greenpeace and French utility company EDF. Prosecutors said Landis should serve an 18-month suspended prison sentence for his part in the alleged scheme.
 

Duqu underscores trouble AV industry has in stopping threats

October 21, 2011

The slowness by which an offspring of Stuxnet was discovered may be further proof that attackers have a significant leg up on the security community.
 

New malware appears carrying Stuxnet code

October 18, 2011

A sibling of one of the most complex and potentially menacing computer worms ever created has impacted roughly five Europe-based manufacturers of industrial control systems, security researchers said Tuesday.
 

Keep your PCs closed to online criminals

Mike Cote, vice president, Dell SecureWorks October 14, 2011

Small and midsize businesses have been hit hard by corporate bank account takeovers. But there are easy-to-implement techniques to ensure the criminal passes them over in favor of a lower-hanging fruit.
 

Fake Android app mimics Netflix-for-mobile

October 12, 2011

A malicious app, masquerading as the online streaming video service Netflix, aims to steal information from Android users, according to Symantec research.
 

Microsoft adds "major" update to detect Zeus trojan

September 15, 2011

Microsoft has introduced a "fairly major" update to its Malicious Software Removal Tool to detect and kill infections of the insidious and constantly morphing data-stealing malware family known as Zbot, or Zeus. Since the software giant first added detection for Zeus last October, hundreds of thousands of Windows PCs have been expunged of the threat, prominent in banking and e-commerce fraud. But as Zeus, which recently merged code bases with SpyEye, continues to acquire advanced evasion capabilities, Microsoft has had to fight "sneakiness with sneakiness," according to a blog post on Wednesday. The company introduced the update as part of its monthly security patches, released on Tuesday.
 
Popular Topics
4G-war Advanced Persistent Threat Adware AMTSO Anonymous Botnets Cyber Attacks Cyber Crime Data Breach Data Breaches Encryption Hackers Hacktivism Health Care IT Security Java Malware Mobile Devices Phishing Risk Management Social Security Numbers Stolen Information Survey Trojans Vulnerabilities & Flaws