Security firms are analyzing a rare piece of data-stealing and web traffic-tracking malware that is able to spread onto virtual machines from the host operating system.
Suspicions that the sophisticated espionage toolkit Flame was created by the same authors as Stuxnet are true, according to a published report.
A severe vulnerability in the Remote Desktop Protocol, which was patched by Microsoft on Tuesday along with six other bugs, affects all versions of Windows and could result in a worm.
Microsoft on Tuesday patched one "critical" vulnerability, plus three other less-severe flaws. Not patched, as expected, is a bug related to the Duqu trojan.
A piece of malware that has drawn comparisons to the notorious Stuxnet worm is using an unknown Windows kernel vulnerability to infect its targets.
A Windows worm known as Morto uses a unique way for infected machines to phone home for instructions.
Security firms have just spotted a new worm, but experts don't think it will run rampant because there is no vulnerability involved.
The Qakbot worm attack revealed this week, which led to the theft of personal information belonging to 210,000 unemployed claimants in Massachusetts, was not an isolated case.
An undetectable version of a two-year-old worm has infiltrated the network of a state agency in Massachusetts to steal sensitive information.
On the heels of the Stuxnet worm, Iran officials say they have discovered a new piece of malware also designed to sabotage government systems.
A major U.S. energy supplier has found no evidence of breach despite claims by a former employee that he hacked into the company's New Mexico wind turbine facility as revenge for being fired.
Researchers at web security firm Websense have discovered a new Koobface campaign that is spreading on Facebook via direct messages sent from compromised accounts. Those behind the latest campaign have attempted to obfuscate the URL in each message to avoid detection by security software or Facebook security controls, researchers said Friday. Recipients of the message are told to follow a link to view a video in which they appear. After clicking the link, users are directed to a malicious site, where they are instructed to download a "missing Flash plug-in" to play the supposed video. The download is actually a variant of the Koobface worm. - AM
A new wave of malicious emails containing a fake Microsoft Windows security update began hitting inboxes in an effort to spread malware, researchers at anti-virus firm Sophos have warned. The messages, which appear to be sent from Microsoft's security team and contain the subject line "Update your Windows," advise users to update their operating system by downloading an attached executable file, Graham Cluley, senior technology consultant at Sophos, wrote in a blog post Tuesday. The attached file, called "KB453396-ENU.zip," is actually an AutoRun worm. Users should be advised that Microsoft never distributes security updates via email attachments, Cluley said. - AM
Researchers at the nonprofit Shadowserver Foundation believe they have identified a new version of either the Storm or Waledac worm, thanks to a large-scale influx of New Year's-themed spam. The emails purport to be a New Year's greeting card but contain a link to a malicious domain, claiming to host a fake Flash Player that actually is an exploit. The evil domains use fast-flux techniques to hide the host server. "The whole point of this botnet is to install malware onto systems of unsuspected visitors," researcher Steven Adair wrote on the Shadowserver blog. Storm first appeared on the scene in 2007, capitalizing on current events and holidays, and was effectively replaced by Waledac in 2009. - DK
Advocacy groups and independent media face a variety of damaging cyberattacks, and there is little they can do to stop them, a new study from Harvard University concludes.
Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade (November 15, 2010)
As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.
The notorious Koobface worm is back, this time with a variant that runs on Mac OS X machines.
Computer security professionals can learn from the Stuxnet outbreak.
Microsoft's October security update will be a doozy, as 16 patches for 49 vulnerabilities are planned.
A recent mass-spreading email worm demonstrated how far user education, industry collaboration and technology have come to fight malware, but it also served as a reminder that the criminals remain one step ahead.
The Stuxnet worm should serve as a wake-up call that cyberwarfare is a reality, experts said.
Twitter is cleaning up from another fast-spreading worm that forced users to tweet out a graphic message.
Microsoft devoted yet another patch this month to close off the possible spread of the insidious Stuxnet worm, which was built to target industrial control systems, specifically products manufactured by SCADA manufacturer Siemens.
The person responsible for the "Here you have" email worm, which wreaked havoc last week on businesses across the United States, may be part of a cyber-jihad group wanting to hack into U.S. Army IT systems.
A number of major U.S. organizations were affected by a rapidly spreading email worm that hit inboxes worldwide beginning Thursday.
Never mind the advanced persistent threat. A new mass-mailing worm that may conjure up images of Nimda and Code Red appears to be threatening email infrastructures.
A quarter of new worms this year specifically have been designed to spread through USB storage devices, researchers at Panda Security said Thursday. This malware typically is designed to copy itself to any device capable of storing information, including flash sticks, cell phones, external hard drives, DVDs, and MP3 players. The malware is highly effective and typically runs automatically when a USB device is connected to a computer, silently infecting the system. — AM
Microsoft has issued a new "Fix It" temporary remedy for a Windows vulnerability that is permitting targeted malware to spread via removable media.
A top Symantec engineer recounts one of the most exciting days of his career: Ten years ago this week, the ILOVEYOU, or LoveBug, worm spread across the world and crippled PCs.
Researchers at ESET are tracking yet another outbreak of the insidious Koobface worm. The malware is spreading through Facebook messages that claim to offer hidden cameras showing erotic video. Users are asked to click on a link, which leads to a request to download a fake Adobe Flash update. If infected, machines are hit with a potent trojan cocktail that can block access to security websites, change DNS settings, install rogue anti-virus software and steal passwords. One unique feature of the ruse is that users can only click on the malicious link once — the next time they reach an error page. "It's assuming you're a security researcher trying to do research on it," Randy Abrams, director of technical education at ESET, told SCMagazineUS.com on Wednesday. — DK