More Malware and Vulnerabilities News

Untethered jailbreak for iOS 5.1.1 available for download

Absinthe 2.0, the jailbreak for iOS 5.1.1, is ready and available for download, the Jailbreak Dream Team announced at the Hack in the Box conference in Amsterdam on Friday.

Security researcher urges IT to keep up with SAP patches

More than 95 percent of over 600 SAP systems tested by security firm Onapsis were vulnerable to espionage, sabotage and fraud, mainly because patches had not been applied, according to a researcher.

Bounty hunters find 8 Google services bugs

Security researchers unveiled eight vulnerabilities in Google services during the Hack in the Box conference in Amsterdam on Thursday -- but they claim to have discovered more than 100 such bugs over the past few months.

McAfee reports big spike in malware

PC malware had its "busiest quarter in recent history," according to McAfee's quarterly security report released Wednesday.

Pwnium hacking contest winners exploited 16 Chrome zero-days

Google yesterday revealed that the two researchers who cracked Chrome in March at the company's inaugural "Pwnium" hacking contest used a total of 16 zero-day vulnerabilities to win $60,000 each.

Google warns users infected with DNSChanger as Web outage nears

Google on Tuesday hauled out a tool it last used nearly a year ago to warn users infected with the "DNSChanger" malware.

Banking malware spies on victims by hijacking webcams, microphones, researchers say

A new variant of SpyEye malware allows cybercriminals to monitor potential bank fraud victims by hijacking their webcams and microphones, according to security researchers from antivirus vendor Kaspersky Lab.

Cross-browser worm spreads via Facebook, security experts warn

Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.

Is cloud-based security really less expensive?

Businesses in new study were five times more likely to have decreased spending on managing security over three years as a percentage of their overall IT budget.

Android hackers hone skills in Russia

The malware business growing around Google Android -- now the leading smartphone operating system -- is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers.

Microsoft anti-bloatware service to apply to Windows 8 PCs, too

A Microsoft in-store program that scrubs "bloatware" from Windows PCs will also be offered when Windows 8 machines reach the market later this year, a company representative said.

Google releases Chrome 19, adds tab sync and patches 20 bugs

Google released Chrome 19, patched 20 vulnerabilities in the browser and doled out $16,500 in bug bounties and rewards to independent researchers.

Wikipedia warns users about malware injecting ads into its pages

Rogue browser extensions might inject commercial ads into Wikipedia pages, Wikimedia Foundation said

Apple ships first Leopard security update in nearly a year

Apple on Monday issued its first security-related update for OS X 10.5, or Leopard, in nearly a year, to disable long-outdated versions of Adobe's Flash Player.

Adobe backpedals, will now patch software for free

After being pummeled by customers and security experts for telling users to spend hundreds of dollars on upgrades because it wasn't going to patch critical bugs in older versions of its software, Adobe has reversed course.

Adobe: Pay upgrade price to patch critical bugs

Adobe has told users of its Creative Suite, which includes the company's premier products like Photoshop and Illustrator, to spend $375 to upgrade if they want patches for eight critical vulnerabilities.

Amnesty International UK website compromised

The U.K. website of Amnesty International, a human rights watchdog organization, was compromised by hackers, who used it to infect visitors with a remote access Trojan horse program known as Gh0st RAT.

Police-themed ransomware targets U.S., Canadian users

A ransomware application that locks computers and asks their owners to pay fines for allegedly violating several laws through their online activity is targeting U.S. and Canadian users, malware experts from security firm Trend Micro said on Wednesday.

PHP patches actively exploited CGI vulnerability

The PHP Group has released PHP 5.4.3 and PHP 5.3.13 on Tuesday in order to address two remote code execution vulnerabilities, one of which is being actively exploited by hackers.

Microsoft security patches include fixes for Word, Office, Windows

Microsoft has fixed 23 vulnerabilities in its software products, including several considered critical, the company said on Tuesday in its monthly security patch report.