
NEWS & INDUSTRY UPDATES

A cyber-crime operation using the SpyEye Trojan was spotted around the holidays with a new trick up its sleeve for dodging detection by concealing its unauthorized transactions.
Symantec has confirmed that, from what they have seen thus far, the code that has been accessed by the attackers was from their Enterprise product line.
New research from Kaspersky Labs has revealed that the same platform used to develop Stuxnet and Duqu has been used to create similar Trojans, and we’re likely to see more modifications in the future.
The KOOBFACE gang upgraded its botnet framework with a sophisticated Traffic Direction System (TDS) that handles traffic referenced to affiliate sites and creates a bigger profit.
The minds behind the Nitro attacks discovered targeting chemical companies earlier this year are now disguising malware as an attachment from Symantec.
Security research firm Accuvant today released the results of a study comparing the security of the three most widely used web browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer.
A new Facebook attack appears to be infecting users with the Dorkbot worm through the social network’s chat system.
The FBI is warning the public about a cyber-crime ring that not only steals banking credentials but also launches a distributed denial of service (DDoS) attack on the victim’s financial institution as a diversion.
Invincea helps address threats by providing a solution that insulates users from untrusted content through fully virtualized browser and PDF reader solutions that run in their own virtual environments separate from the desktop operating system.
While there is no doubt the amount of malicious programs with Windows in their bull’s eye dwarfs the amount of threats to mobile devices, the focus on Android malware has left some wondering how to separate fact from hype.

FEATURES, INSIGHTS // Malware

Marc Solomon's picture
Traditional security solutions are falling short of providing needed protection because they’re typically blind to changing conditions and new attacks. Simply put: you can’t protect what you can’t see.
Wade Williamson's picture
2011 was a landmark year to say the least, in terms of network security and the overall evolution of malware, and there are no indications that things will slow down anytime soon. With that in mind, let's embark on that traditional new year exercise and predict a few of the trends we’re likely to see in 2012.
Alan Wlasuk's picture
My brief relationship with the Morto worm lasted exactly 5 days, at least that I know of. Morto is a computer worm – one that burrows into a computer system and lives to infect other computers and take orders from her botnet herder.
Wade Williamson's picture
As malware gets progressively more complex, it’s important to understand how the major players in the malware industry fit together and how these relationships affect the ways that malware is developed, distributed and ultimately used in attacks.
Wade Williamson's picture
Malware has become a network-borne and network-enabled threat, and as such we need to bring network controls to the fight against malware. If you can take away the ability for malware to communicate, you can effectively take away much of its power.
Marc Solomon's picture
Organizations can’t buy an “Anti-APT” solution, but adopting the right security strategy can help defend against APTs that attempt to seize data and wreak havoc.
Wade Williamson's picture
While there is no doubt that modern malware is highly evasive and skilled at avoiding detection, if we give these threats too much credit we risk turning our problems into unsolvable myths, and in the process miss the chance to stop them.
Chris Hinkley's picture
Businesses usually don’t think about social engineering when securing company data. It used to be believed that social engineering was reserved for governments and organizations with enemies. That's not the case anymore.
Wade Williamson's picture
Modern malware depends upon its ability to communicate with a remote attacker while hiding or blending in with our normal allowed traffic. However, we can often detect this ongoing command-and-control traffic and other telltale signs of malware infections if we know what we are looking for.
Robert Vamosi's picture
Setting aside questions of its pedigree, what might be Duqu's intended target? Researchers at Symantec coyly suggested it is targeting different industries than Stuxnet, but didn't name any. Duqu's pedigree and the intended target remain the subject of much debate.
