A while back a malicious program called DroidDream was found on the Google Marketplace. The thing about DroidDream is that it exploited a vulnerability that gave it root access. Now contrast how Google treats security software. Security applications are not allowed to have root access. The truth is that the most popular mobile platforms (and

My colleagues in Hungary have released some slightly alarming statistics about malware awareness in their part of the world. Research carried out on their behalf by NRC suggests that a significant proportion of Hungarian Internet users don't even know what AV software is installed on their computer (or, presumably, if anything is installed.) http://www.eset.hu/hirek/holgyek-tessek-vedekezni?back=%2Fhirek Out

We like to give you plenty of warning when we suspect that something unpleasant is coming down the pike, even if it's just one of those likely bursts of Black Hat SEO (web search poisoning) that come with a media-friendly event. Still, I suspect that if I told you we expect lots of malicious activity

My colleague Aleks Matrosov has come across an interesting if uncomfortable post on a Russian language forum, advertising a "Boot loader for drivers" currently under test that doesn't require a Digital Signature driver, which sounds very much like our old friend TDL4. This metamorphic malware (each build generates a fresh binary) loads before the start of PatchGuard. It's

…So here are what we consider to be the 10 commandments of corporate security…

Dear Twitter, I'm afraid our relationship is just not working these days: in fact, we seem to have stopped communicating almost immediately you cosied up to our mutual friend Tweetdeck. Clearly, I'm the spare part in this relationship, since Tweetdeck isn't talking to me much, either. How can you treat me like this? Since I'm

Over the past couple of years rogue online pharmacies have been advertising their domains on search engines and promoting themselves through search engine optimization.  Legitimate pharmaceutical companies have their own measures in place to work on taking these sites offline.  The problem with rogue online pharmacies is that they do not meet federal regulations.  To

In an unfortunate series of events related to the RSA SecurID technology, reports are coming in that Lockheed Martin's networks have been broken into by unknown perpetrators.  Jim Finkle and Andrea Shalal-Esa broke an exclusive story and reached out to folks in the industry to get to the truth. "They breached security systems designed to

…Aleksandr Matrosov and Eugene Rodionov recently delivered a presentation on “Defeating x64: The Evolution of the TDL Rootkit” at Confidence 2011, in Krakow, and now available on our white papers page…

Update: It seems like the initial article is inaccurate and that Paul Rellis never made any such comments about a 14 year old breaking into the X-Box live servers and have not offered to mentor him http://kotaku.com/5805742/microsoft-is-helping-an-xbox-live-hacker-develop-his-talent TekGoblin reports (http://www.tekgoblin.com/2011/05/27/14-year-old-call-of-duty-hacker-hired-by-microsoft/) that a teenager who broke into the Call of Duty Modern Warfare 2 gameservers last