Scans of a huge botnet have revealed that it has harvested at least 16 million usernames and passwords for email sites and other online services, according to a report released by German security agency, the Bundesamt für Sicherheit in der Informationstechnik (BSI).
Francois Gagnon is a Canadian business owner who was targeted because his company had lots of servers, and many customers – victims for the gang. Gagnon didn’t notice for weeks, until complaints from customers alerted him. A team of ESET experts contained the infection, and Gagnon’s help with forensics was also valuable.
A new technique for spotting cyber attacks has been designed by a young American student – and could prevent attacks against planes and power plants, by looking for abnormal communications within computers, rather than sifting for malicious software.
Armed with an impressive-looking shield logo, security app Virus Shield shot to the top of the sales charts on Android last week. There was one, tiny, problem: the app was a fake.
It’s one thing to have a security hole that relies upon users visiting an infected website, or opening a dodgy attachment – but it’s quite a different level of threat when simply *previewing* a message in your email client infects your computer.
Apps designed to ‘report’ on handset users’ communications while remaining undetected have increasingly become a factor in cases of domestic violence and even murder.
Malware written specifically for DVR recorders used for the output of surveillance cameras has forced some machines to mine Bitcoin – although the low-powered machines are ‘very bad’ miners, Wired points out.
If computers continue to run Windows XP, and don’t receive any more security patches. they are not just putting themselves and the data they carry at risk, they are endangering all of us who use the internet.
DNS hijacking is still going strong and the Win32/Sality operators have added this technique to their long-lasting botnet. This blog post describes how the malware guesses router passwords as part of its campaign to misdirect users, send spam and infect new victims.
Will the future be a murderous game of ‘smart device’ Cluedo, where Colonel Mustard meets his death at the hands of a Wi-Fi pacemaker, and Miss Scarlett is consumed in a Smart Home-ignited blaze. Not likely, says David Harley – where’s the profit motive?
Spyware which stealthily takes photographs using Google Glass’s built-in camera and uploads them to a remote server without the user being aware has been demonstrated successfully on the eyepiece – despite Google’s policies explicitly forbidding such programs.
Malware researchers at ESET have uncovered a widespread cybercriminal operation that has seized control of tens of thousands of Unix servers. Learn more about how to check your systems for compromise, and prevent innocent computer users from being attacked.
Our report titled “Operation Windigo – the vivisection of a large Linux server-side credential-stealing malware campaign” details our analysis of a set of malicious programs that infect servers and desktop PCs, and send nearly 500,000 web users to malicious content daily.”
A “particularly unpleasant” phishing email purporting to be the results of a blood count report showing that the recipient may have cancer is circulating. It seems to be sent from a government health care organization – but it’s a malware-laced scam.
Microsoft Word users have been urged to update their software after attacks against users of MS Word 2010, where opening a “specially crafted” Rich Text Format file allowed attackers to remotely execute code on the victim’s machine.
A post promising a video of a plane landing on water has been circulating on Facebook, with a title suggesting that it contains news footage of the rescue of passengers on board the missing flight MH370 – but there is no video, and it’s a criminal scam.
The emerging ‘internet of things’ raises big security questions, and vulnerabilities in connected devices such as ‘smart’ fridges may force companies to work together in a way never previously seen, according to Microsoft’s Jan Neutze.