Security

Malware and Vulnerabilities Topic Center

Get the latest news, advice and in-depth analysis on malware, including information on viruses, worms, Trojans and zero-day vulnerabilities

Untethered jailbreak for iOS 5.1.1 available for download

Absinthe 2.0, the jailbreak for iOS 5.1.1, is ready and available for download, the Jailbreak Dream Team announced at the Hack in the Box conference in Amsterdam on Friday.
Read more...

Security researcher urges IT to keep up with SAP patches

More than 95 percent of over 600 SAP systems tested by security firm Onapsis were vulnerable to espionage, sabotage and fraud, mainly because patches had not been applied, according to a researcher.

Bounty hunters find 8 Google services bugs

Security researchers unveiled eight vulnerabilities in Google services during the Hack in the Box conference in Amsterdam on Thursday -- but they claim to have discovered more than 100 such bugs over the past few months.

McAfee reports big spike in malware

PC malware had its "busiest quarter in recent history," according to McAfee's quarterly security report released Wednesday.

Pwnium hacking contest winners exploited 16 Chrome zero-days

Google yesterday revealed that the two researchers who cracked Chrome in March at the company's inaugural "Pwnium" hacking contest used a total of 16 zero-day vulnerabilities to win $60,000 each.

Google warns users infected with DNSChanger as Web outage nears

Google on Tuesday hauled out a tool it last used nearly a year ago to warn users infected with the "DNSChanger" malware.

Banking malware spies on victims by hijacking webcams, microphones, researchers say

A new variant of SpyEye malware allows cybercriminals to monitor potential bank fraud victims by hijacking their webcams and microphones, according to security researchers from antivirus vendor Kaspersky Lab.

Cross-browser worm spreads via Facebook, security experts warn

Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.

Is cloud-based security really less expensive?

Businesses in new study were five times more likely to have decreased spending on managing security over three years as a percentage of their overall IT budget.

Android hackers hone skills in Russia

The malware business growing around Google Android -- now the leading smartphone operating system -- is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers.

Red Alert for Child Pornography

A .mov file with a highly suggestive name is enough to kick off an investigation into what's on an employee's PC.

Who's Got Your Mail?

When a chance discovery reveals that anyone in the company can access one executive's email, the brainstorming begins.

Lessons for IT, Apple in Flashback brouhaha

Although the number of Flashback-infected Macs is on the decline, the reverberations from the outbreak will affect Apple and the businesses that have increasingly adopted Macs. Columnist Ryan Faas explains.

Why Switching OS Platforms Is Not a Security Fix

It has been a rallying cry against Microsoft Windows for years: to avoid malware and security issues, just stop using Windows. The mantra has traditionally been embraced by both Mac and Linux users, but as Mac OS X users deal with the fallout from the Flashback malware attack, some Linux supporters are turning the tired attack even against the Apple OS.

Apple Flashback Malware Removal Includes Innovative Approach to Reducing Risk for Macs

Better late than never? Apple has released the third Java update in a week for Mac OS X, and this one contains the tool to remove the Flashback malware from infected systems. Beneath the belated fix to help users eradicate the threat, Apple has introduced a proactive approach to reducing security risk that other vendors should take note of.

Make Web Apps More Manageable With Minimalist for Everything

Google Reader and Gmail are two of the most customizable Web apps available today. Need a different inbox layout? Sure thing. Want to change the colors or visual density? No problem. Still, some interface elements, like the Google Bar at the top of the window, will never go away, no matter what you do. If you wish they did, try free Chrome extension Minimalist for Everything.

The Macalope Weekly: Living in denial

It's a terrible thing to live in denial. If the Winotaur had an ounce of self-awareness he could tell you. Google's also living in denial if it thinks we're putting its dorky glasses on to watch their ads. And get ready for this week's magical after-school special ending, because some of you Mac users are in denial, too.

Mac Malware Outbreak Is Bigger than 'Conficker'

An estimated 600,000 or more Macs are currently compromised and part of a massive botnet thanks to the Flashback Trojan. To put the size of the threat in some perspective, the Flashback Trojan botnet is even bigger than the massive Conficker botnet...relatively speaking.

Security Manager's Journal: When executives want to be above the law

Security policies work best when they apply equally to everyone in the company. Of course, there are always some people who think they should be exceptions.

Researcher releases exploit code said able to crash pcAnywhere

Exploit code targeting a newly identified vulnerability in Symantec's pcAnywhere computer remote control product has been published on the Internet, exposing its users to possible attacks that disrupt the software's functionality.