Emerging Threats

Black Hat topics include hacking parking meters, social networks

Angela Moscaritolo June 19, 2009

Researchers are set to discuss a wide range of topics at the annual Black Hat conference.
 

"Nine-Ball" mass injection attack compromised 40,000 sites

Angela Moscaritolo June 17, 2009

A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites that are now infecting users with an information-stealing trojan, according to security vendor Websense.
 

Cybercriminals targeting Twitter "trending topics"

Angela Moscaritolo June 04, 2009

Cybercriminals are using Twitter to propagate malicious links in an attack that's easier to mount than black-hat search-engine optimization (SEO), according to PandaLabs.
 

Google rates Gumblar distribution URL as top malware site

Angela Moscaritolo June 04, 2009

The URL hosting the Gumblar attack, which has compromised thousands of legitimate websites with code that silently redirects users to a single Chinese domain, heads Google's list of Top 10 malware sites, according to the company.
 

The many morphs of a phishing/malware scam

Angela Moscaritolo June 03, 2009

A new attack targeting Outlook users has morphed from trying to retrieve login credentials to attempting to infect users with fake anti-virus products.
 

Twitter hit with rogue anti-virus scams

Greg Masters June 02, 2009

Users of popular blogging platform Twitter fell victim this past week to a scareware scam.
 

Hackers hit U.S. Army websites

Chuck Miller June 01, 2009

A group of computer hackers based in Turkey breached the sites of two U.S. Army facilities, leveraging SQL injection attacks.
 

"Beladen" website compromises cropping up

Angela Moscaritolo June 01, 2009

A mass injection attack similar but unrelated to Gumblar has infected more than 40,000 websites, according to new research from Websense.
 

New Windows zero-day

Chuck Miller May 28, 2009

Microsoft on Thursday issued a security advisory for a new vulnerability in DirectX, used on Windows to enable graphics and sound, that could enable a remote hacker to execute arbitrary code if users open specially crafted QuickTime files. Microsoft said that it was aware of active attacks using exploit code for the vulnerability. Windows 2000 (SP4), Windows XP, and Windows Server 2003 are vulnerable; all versions of Windows Vista and Windows Server 2008 are not. — CAM
 

Setting cybersecurity as a national priority is just the beginning

Greg Masters May 27, 2009

A review of federal cybersecurity policies, scheduled for release Friday, will serve as a call to action for the public and private sectors.
 

Fed cyber-review out Friday

Chuck Miller May 26, 2009

White House spokesman Robert Gibbs announced Tuesday that President Obama will release the highly anticipated 60-day review of federal government cybersecurity initiatives on Friday. The report was developed by Melissa Hathaway, who started investigating federal cybersecurity infrastructure and policies during February, and delivered the finished document in April. Gibbs called the report an important first step toward securing the nation's cyberinfrastructure. — CAM
 

New cyberattack technologies developed for U.S. military

Angela Moscaritolo May 26, 2009

The U.S. military is developing and testing several new offensive and defensive cyberdevices, including a system that would enable non-expert military personnel to launch a cyberattack, a defense and aerospace industry publication reported last week.
 

Experts offer tips to deal with Gumblar malware

Chuck Miller May 21, 2009

A number of security organizations are offering tips to deal with the Gumblar drive-by exploit, which is growing ever more pervasive.
 

Website risks highlighted in two new studies

Greg Masters May 18, 2009

Two reports released this week confirmed the tidal shift in the type of websites into which cybercriminals are injecting malware.
 

Study: Majority of adolescents online have tried hacking

Greg Masters May 15, 2009

A new study from Panda Security found that 67 percent of teenagers surveyed admitted to having tried to hack into friends' instant messaging or social network accounts.
 

Mac worm poses little risk, represents cross-platform innovation

Angela Moscaritolo May 05, 2009

A recently discovered Macintosh worm, known as OSX/Tored.A, remains a low-risk threat but is an indication that malware authors are not turning a blind eye to the Apple platform, researchers said Tuesday.
 

National Academy of Sciences says U.S. needs cyberattack plan

Angela Moscaritolo April 30, 2009

U.S. cyber capabilities are at least as powerful as those of its most sophisticated adversary, but the country needs a clear plan should it decide to unleash a digital attack of its own, according to a report from the National Academy of Sciences released Wednesday.
 

RSA: Security strategies in a down economy

Greg Masters April 23, 2009

IT security pros need new strategies to fund their initiatives, according to an RSA panel.
 

Possible bug in Apple's iPhone

Angela Moscaritolo April 17, 2009

It may be possible to trick the iPhone into running code that enables shellcode, which, if successfully exploited, would enable an attacker to run whatever code they wanted on the phone.
 

Mac attack: Bot herders going after Apple computers

Greg Masters April 17, 2009

Bot herders have found a way to infest Mac computers: via pirated software.
 

Twitter worm search poisoned

Dan Kaplan April 15, 2009

Cybercriminals are poisoning results when users search for information on the Twitter worm that was unleashed over the weekend, according to security firm F-Secure. The attackers use search-engine optimization tactics so that their malicious sites -- serving up fake anti-virus software -- rank near the top of results. These types of attacks are not uncommon, as opportunists typically leverage popular news or trendy terms to poison search results, F-Secure said. — DK
 

Cyber assurance needs teeth

Greg Hoglund, CEO, HBGary April 15, 2009

The Obama administration needs to take firm action now to give organizations the tools to fight cyberthreats.
 

Despite downturn, IT security spending to increase

Angela Moscaritolo April 13, 2009

Management increasingly is recognizing security as a top business priority, which is resulting in higher budgets for some organizations despite the economic slowdown, according to a new survey.
 

Tax scam season has arrived

Angela Moscaritolo April 09, 2009

With the U.S. tax filing deadline looming, cybercriminals are putting fraud efforts into high gear with tax-related phishing emails and websites designed to lure users into handing over their personal information, security firms are warning.
 

New Neeris worm variant imitates spread methods of Conficker

Dan Kaplan April 06, 2009

The Conficker worm has not just infected millions of computers worldwide, but it also is serving as a model for other malware.
 

Cyberspace: An environment of inevitability for federal agencies

Gary McAlum, senior manager, Deloitte & Touche April 01, 2009

Success in today's cybersecurity environment of inevitability will require a multidisciplinary approach and the critical success factor is leadership.
 

On the eve of Conficker, anticlimactic predictions abound

Dan Kaplan March 31, 2009

It's already April 1 in some parts of the world and there have yet to be any reports of internet meltdowns due to the activation date of the Conficker worm.
 

Is Conficker overhyped?

Dan Raywood March 27, 2009

Reports of the Conficker worm are being vastly exaggerated and it will not have as big an impact as is being predicted, claims a security researcher.
 

Google: No significant security issues with Google Docs

Chuck Miller March 27, 2009

Despite apparent security issues in Google Docs, the company is playing down the risks.
 

Poisoned search results capitalize on Conficker's popularity

Dan Kaplan March 26, 2009

Noticing increased media interest in the Conficker worm, purveyors of "scareware" programs have learned that the worm is now part of pop culture.