Google's malware blocker Bouncer has been hacked by security analysts Jon Oberheide and Charlie Miller, who claim that their workaround will allow malware to access apps even with a Bouncer scan.
Microsoft released an emergency Windows update on Sunday after revealing that one of its trusted digital signatures was being abused to certify the validity of the Flame malware that has infected computers in Iran and other Middle Eastern countries.
Named 'Tinba' (Tiny Banker) or 'Zusy', it is a 20KB data-stealing banking trojan that hooks into browsers, steals login data and sniffs network traffic. It also uses man-in-the-browser (MiTB) techniques and web injections in order to change the look and feel of certain webpages.
Despite all the hype I've complained about these last few days regarding Flame, there is some interesting research from the vendor community worth noting here, including the malware's affinity for Bluetooth.
This highly-targeted spyware code was developed for the sole purpose of collecting keyword search combinations entered by infected victims who visit online banking, retail, webmail and web portal websites, primarily in Japan and Korea.
Unrivalled functionality and simplicity combine to provide a highly configurable solution for assessing, auditing and enhancing the recognition and response capabilities of network-based intrusion detection and prevention systems.
Today's big news is that researchers have found proof of Chinese manufacturers putting backdoors in American chips that the military uses. This is false. While they did find a backdoor in a popular FPGA chip, there is no evidence the Chinese put it there, or even that it was intentionally malicious.
The Guardian: Text message provider to pay out for Android malware. The UK regulator PhonepayPlus (formerly known as ICSTIS) has imposed a fine of £50000 on a payment provider used for an Android malware-based fraud and forced it to reimburse customers' accounts.
This piece of malware, called LilyJade, can mimic advertisements on Facebook, Google, Yahoo, YouTube, Bing and AOL. When users click on or view the ads, the malware developers gain affiliate earnings. The malware spreads by infecting browsers and using active Facebook sessions to spam other users.
The Flame espionage malware targeting Iranian computers contains code that can completely hijack the Windows update mechanism that Microsoft uses to distribute security patches to hundreds of millions of its users, security researchers said Monday.
Earlier this week, F-Secure Labs found a malicious Olympic-themed PDF. So we thought this would be a good time to talk about a topic that comes up whenever an event like the World Cup, a celebrity death or even a tsunami captures the world’s attention.
The world is abuzz this week with some flaming malware – well “Flame” is the family name if you want to be precise. The malware package itself is considerably larger than what you’ll typically bump into on average, but the interest it is garnering with the media and antivirus vendors has more to do with the kinds of victims that have sprung up – victims mostly in the Middle East, including Iran – and a couple of vendors claiming the malware as being related to Stuxnet and Duqu.
The primary motivator of malware authors and distributors today is simple: money. The more websites and computers the criminals infect, the more cash they make. To maximize infection rates and profits, the bad guys need to escape detection for as long as possible.