One of the most important pieces of advice we give Android users is to refrain from downloading applications from dubious sources and to stick to the official Google Play store, where malware does show up from time to time but is much better controlled, thanks to the Google Bouncer, than on alternative app stores.
With Black Hat 2014 in full swing in Las Vegas, it was never going to be a quiet week – but revelations about FBI malware and a trove of a billion passwords inspired furious debate too.
Cybercriminals are waging a game of ‘cat and mouse’ with corporations, well-armed with malware protection AV software but facing adversaries who scan constantly for weak points, according to the first quarterly report released by the UK’s new Computer Emergency Response Team.
Since a recent claim researchers could “uncloak” Tor users for less than $3,000, there has been a flurry of activity in the “anonymous” online service – but in the form of new adverts, new markets, and new security.
The risks of using government use of malicious code in cyber conflict are examined in this paper by Andrew Lee and Stephen Cobb: Malware is called malicious for a reason: the risks of weaponizing code.
New malware targeting point of sale (PoS) systems, detected by ESET as Win32/Spy.Agent.OKG is described in a warning and analysis distributed by US-CERT, a reminder to increase security around PoS access.
This week in security news saw the world’s researchers discover a whole new range of Achilles Heels for PCs, the online privacy service Tor, and even ‘connected’ gadgets such as internet fridges.
The billions of USB ports in use in PCs are vulnerable to a new attack – which can undetectably install malware, steal data and seize control of machines.
Account hackers and thieves who loot magic weapons, armor and hard-won game currency from players in massively multiplayer titles such as World of Warcraft should face the same sentences as real-world thieves, a politician has suggested.
Disgruntled employees and other malicious insiders could be one of the most serious security threats companies face – but the importance of the threat from the ‘enemy within’ varies according to who you ask.
Thinking of spending some time perusing Japanese porn websites before you do your online banking? Security researchers at ESET have analysed an organised malware campaign that stole the login credentials of online banking customers after infecting PCs that had visited X-rated websites.
Win32/Aibatook targets Japanese bank customers with an unusual Internet Explorer monitoring technique. We believe the malware has been in development for months – and is now ready for take-off.
“Phishing attack ahead” is similar to the stark, clear warnings delivered by road signs – and web users will soon benefit from this sort of plain-speaking alert, at least when using Google’s Chrome browser.
Guests who used business centers in American hotels may be at risk from gangs installing keylogger malware on the computers to steal banking and email passwords.
A notorious strain of banking malware, known as Caphaw – or Shylock, due to snippets of Shakespeare’s Merchant of Venice embedded in its code – has seen its command and control servers shut down in a major international police operation.
Banking malware built to misdirect a Brazilian form of bank payment method targeted $3.75 billion of transactions over the past two years – and the scale of the attack may have eclipsed any single previous instance of electronic theft.
A hack shown off by Dutch security researchers allows an attacker to ‘take over’ Google’s new Glass headset, and send pictures and videos from the frames’ built in camera, to another computer – in effect, seeing through their victim’s eyes
ESET researchers recently came across a targeted attack against the Vietnamese government’s Ministry of Natural Resources and Environment (MONRE).