Another Android “master key” bug revealed
The existence of another “master key” bug that can be used to push malware onto Android users has been publicly disclosed by Jay Freeman (a.k.a Saurik), the …
Cybercriminals opting for real-time malware campaigns and phishing
The third quarter of 2013 saw further use of real-time malware campaigns and a dramatic increase in phishing sites, according to Commtouch. The ever-growing exploitation of …
Svpeng Android banking Trojan goes phishing
The Android banking Trojan known as Svpeng has been improved by its creators and is now capable to perform phishing attacks as well as stealing money directly from a …
Cybercrime gangs seek victims in untapped markets
A record number of brands were targeted by phishers in the second quarter of 2013, according to APWG. A total of 639 unique brands were targeted by phishing attacks in the …
Employees stuck with unauthorized file sharing services
Most employees (81%) access work documents on the go. Yet in the absence of an enterprise-grade file sharing alternative, 72% are resorting to unauthorized, free file-sharing …
Red Hat delivers cloud management for OpenStack
Red Hat announced the next release of its cloud management platform, Red Hat CloudForms 3.0. CloudForms already provided essential enterprise-level management and automation …
TrueCrypt to go through a crowdfunded, public security audit
After all the revelations about NSA’s spying efforts, and especially after the disclosure of details about its Bullrun program aimed at subverting encryption standards …
Malware peddlers testing new infection techniques
An ongoing malicious spam campaign impersonating UPS has shown that malware peddlers are experimenting with different approaches for infecting hapless users, and additional …
Apple releases cleverly framed report on government data requests
Apple has released what will be the first of many biannual reports on government information requests it receives, and has included a statement saying that “Apple has …
Hypervisor-based, hardware-assisted system monitoring
In the last few years, many different techniques have been introduced to analyse malicious binary executables. Most of these techniques take advantage of Virtual Machine …
Most visits to a login page are made by malicious tools
Incapsula surveyed 1,000 websites over a 90-day period, during which we recorded over 1.4 million unauthenticated access attempts and 20,376 authenticated logins. Their data …
New Microsoft 0-day vulnerability under attack
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East …