We clarify that the Linux/Cdorked backdoor malware leaves no traces on the hard drive “other than its modified httpd binary” which can be scanned for detection in several ways.
Even passwords considered “strong” by IT departments are often now vulnerable to hacking, according to professional services firm Deloitte. The firm predicts that 90% of user generated passwords will be vulnerable to hacking this year.
Users of popular PC gaming service ESEA have discovered that their PCs have been hijacked to mine Bitcoins by malware served up alongside the company’s client. A hidden Bitcoin-mining process caused users’ graphics cards to overheat as it worked in the background.
The mysterious Avatar rootkit, detected by ESET as Win32/Rootkit.Avatar, appears to reflect a heavy investment in code development, with an API and a SDK available, plus an interesting abuse of Yahoo Groups for C&C communications.
Wireless carriers Verizon, AT&T, Sprint and T-Mobile are putting customers at risk by failing to fix well-known security vulnerabilities on Android phones, according to the American Civil Liberties Union (ACLU).
Twitter has warned media companies that attacks on their official Twitter accounts are liable to continue, after Britain’s Guardian newspaper became the latest high-profile news site to fall victim.
Daily deals site LivingSocial has become the latest high-profile site to fall victim to hackers, after an attack accessed information for 50 million accounts last week.
The American banking system needs to prepare or further cyber attacks in the coming months, a leading financial stability group has warned.
Analysis of a malicious backdoor serving Blackhole exploit pack found on Linux Apache webserver compromised by malware dubbed Linux/Cdorked.A, together with remediation tool and techniques.
Adrian Price, Head of Information Security at Britain’s Ministry of Defence, suggested that governments should devote 20% of their budget to protecting the nation’s data – a sum worth billions more than that currently allocated in countries such as the UK itself.
Twitter is said to be testing new security systems in the wake of a false Tweet from an official Associated Press account which sent stock markets tumbling in America.
Half of British adults use the same password across all the websites they access, according to telecoms regulator Ofcom. The data comes from a survey of 1805 adults aged 16 and up. The report, Adults’ Media Use and Attitudes Report 2013, found that 55% of adult internet users admitted they used the same password for
Most cyber attacks are simple and predictable, relying on basic tactics and preventable employee errors, according to Verizon’s annual Data Breach Investigations Report. The problem is made worse by the fact that companies often take months or even years to detect such breaches.
Twitter accounts used by CBS News were compromised on Saturday – and began serving up bogus news stories with links to malware.
A three-day “cyber war” ended in victory for a team from the U.S. Air Force Academy, who beat off attacks from hackers from the National Security AGency in the 13th annual Cyber Defense Exercise (CDX).
The Cyber Intelligence Sharing and Protection Act (CISPA) passes the U.S. House despite privacy concerns and the threat of presidential veto.
Here’s a brazen fake antivirus program that falsely declares you are infected, then locks your screen and asks you call a toll free number for Support, which then asks you to pay to remove the fake infection.
A quarter of PCs around the world have no antimalware software, according to Microsoft’s latest Security Intelligence Report.
The botnet known as Win32/Kelihos keeps on infecting, now touting a YouTube video of the Boston Marathon bombing that comes with a malicious iframe pointing to a Redkit exploit page that infects viewers.
The European cyber security agency ENISA said Internet Service Providers in the EU have failed to implement a set of best practice recommendations which have been in place for 13 years – which could reduce the scope of even the largest DDoS attacks.