Malware & Vulnerabilities

Malware & Vulnerabilities coverage at Computerworld

Security in cloud computing
pawn storm

patch internet explorer

Microsoft pushes out an emergency update for IE flaw

Windows users are being urged to update their computers as soon as possible, after Microsoft pushed out a patch for an issue in Internet Explorer that lets attackers remotely run malicious code with whatever privileges the current...

Kaspersky denies faking antivirus info to thwart rivals

Responding to allegations from anonymous ex-employees, security firm Kaspersky Lab has denied planting misleading information in its public virus reports as a way to foil competitors.

hackers

10 scary hacks from Black Hat and DEF CON

Security researchers and hackers gathered in Las Vegas to showcase the latest vulnerabilities affecting the devices and software much of the world relies on.

stalker

Controversial confessions of a professional cyber-stalker and spyware developer

You might not think being either a cyber-stalker or spyware developer is a good thing, but what if that person, who knows how to be tricky with tech for tracking purposes, starts handing out privacy tips?

patch windows

Windows 10 gets its first set of security patches

Microsoft's Patch Tuesday for August contains critical patches for Windows, Internet Explorer and Microsoft Office.

security graphic

Oracle yanks blog post critical of security vendors, customers

Oracle published, then quickly deleted, a blog post criticizing third-party security consultants and the enterprise customers who use them.

Hacker

Internal LTE/3G modems can be hacked to help malware survive OS reinstalls

With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device....

sunshine

How infosec can really shine

Don’t be a pessimist — your information security organization can be a real success. I’ve seen it.

Security

Researchers show how to steal Windows Active Directory credentials from the Internet

An attack using the SMB file sharing protocol thought to work only in local area networks can also be executed over the Internet, two researchers showed at Black Hat.

Mozilla Firefox browser

Mozilla issues quick fix for Firefox zero-day bug

Mozilla has updated its Firefox browser to patch a zero-day vulnerability being used to harvest passwords on Windows and Linux machines.

Design flaw in Intel chips opens door to rootkits

A design flaw in the x86 processor architecture dating back almost two decades could allow attackers to install a rootkit in the low-level firmware of computers, a security researcher said Thursday.

Joint Chiefs of Staff emails targeted by Russian hackers

The hacking group that targeted unclassified email systems at the State Department and the White House is believed to have also compromised a network used by the Joint Chiefs of Staff.

android security danger

Attackers can exploit built-in remote support apps to control Android devices

Many smartphone makers preload remote support tools on their Android devices in an insecure way, allowing hackers to take control of the devices through rogue apps or even SMS messages.

android security danger

Google and Samsung to push monthly security updates for Android

After learning about the Stagefright vulnerability that can pwn Android phones with a text message, Google and Samsung announced plans to push monthly security updates for Androids. The announcements came on the same day that...

malware

Remember Conficker? It's still around

The Conficker Working Group was tasked with stopping the botnet and finding its creators. It's still at work -- and so is Conficker.

Yahoo in Sunnyvale

Yahoo tackles big 'malvertising' campaign in its ad network

Yahoo said Monday it had removed malware from its advertising network, after malicious code there had gone undetected for at least six days.

Mac frustration firmware malware

Macs can be remotely infected with firmware malware that remains after reformatting

Researchers created Thunderstrike 2 firmware malware that could remotely infect Apple computers and remain even if a user were to wipe the hard drive and reinstall the OS. At Black Hat and Def Con, they will demo their firmware...

android security danger

Update: Maliciously crafted MKV video files can be used to crash Android phones

A malicious application or Web page could be used to crash Android devices, in some cases persistently, due to a vulnerability in a multimedia processing component.

Load More