On today's show, a whole collection of Apple rumors: iPhone 5 with a keyboard? That's just crazy talk. Almost as crazy as letting Apple take a 30% cut of your magazine or newspaper subscription costs by "taking advantage" of their new subscription store. Plus, Facebook is officially the entire Internet, as it gets both dedicated phone buttons and a Facebook SIM card. Plus, the U.S. finally commits to the Internet, Netflix finally arrives on Boxee, and we finally get a Plants vs. Zombies board game. I know you were waiting. --MollySubscribe: iTunes (MP3) | iTunes (320x180) | iTunes (640x360) | RSS (MP3) | RSS (320x180) | RSS (640x360)… Read more
Stuxnet may have hit different organizations, but its main target was still the Natanz nuclear enrichment plant in Iran, an expert who has analyzed the code said today.
Ralph Langner, who has been analyzing the code used in the complicated Stuxnet worm that used a Windows hole to target industrial control systems used in gas pipelines and power plants last year and possibly earlier, said the initial distribution of Stuxnet was limited to a few key installations.
"My bet is that one of the infected sites is Kalaye Electric," he wrote in an e-mail to CNET. "Again, … Read more
Microsoft said today that next week's Patch Tuesday will bring 17 updates plugging 40 holes and featuring two rated "critical," including one in Internet Explorer that was targeted in attacks last month.
Also fixed on Tuesday will be the final of four holes in Windows that the Stuxnet malware used.
"This is a local Elevation of Privilege vulnerability and we've seen no evidence of its use in … Read more
On today's show, Gowalla teams up with Disney to offer virtual pins, instead of the real ones everyone actually wants. And we discover Molly's never been to Disneyland, so maybe Gowalla should sponsor a road trip! Also, Google eyes Groupon, Cox becomes the first cable company to get into the mobile phone game, and carriers threaten to stop subsidizing iPhones if Apple tries to free the phone from carrier confines. --MollySubscribe: iTunes (MP3) | iTunes (320x180) | iTunes (640x360) | RSS (MP3) | RSS (320x180) | RSS (640x360)… Read more
The Stuxnet worm is a "wake-up call" because of its complexity and its aim at critical infrastructure systems, a Symantec director told a U.S. congressional committee today.
The malware is a milestone in many ways, Dean Turner, director of Symantec Security Response's Global Intelligence Network, said in testimony before the U.S. Senate Committee on Homeland Security and Governmental Affairs.
It is the first known threat to: spy on and reprogram industrial control systems and grant hackers control of critical infrastructures; use four zero-day vulnerabilities; compromise two digital certificates; inject code into industrial control systems and … Read more
Spam hit a two-year low this past quarter, but malware is at an all-time high, according to McAfee's latest Threats Report.
Out today, the "McAfee Threats Report: Third Quarter 2010" (PDF) found that though spam is still high, it continued its overall decline from January, both globally and nationally. With the exception of Russia, Greece, Belarus, and Indonesia, all countries tracked by McAfee showed a drop in spam levels.
So much for the good news.
On the down side, malware has reached an all-time high, according to the security technology company, which identified an average of 60,000 new threats each day in the third quarter, almost quadrupling since 2007. For 2010 so far, McAfee has discovered 14 million unique pieces of malware, a million more than this time last year.
One of the more "sophisticated" threats that reared its head this year was the Zeus botnet, designed to steal information during banking transactions. Over the third quarter, Zeus expanded its scope by targeting mobile devices, specifically attempting to grab SMS messages sent to validate the transactions. McAfee also noticed a rise in e-mail campaigns launched to spread the botnet by sending out messages claiming to come from FedEx, the IRS, the U.S. Post Office, and other such parties.… Read more
Symantec researchers have figured out a key mystery to the Stuxnet worm code that strongly suggests it was designed to sabotage a uranium enrichment facility.
The program targets systems that have a frequency converter, which is a type of device that controls the speed of a motor, Eric Chien, technical director of Symantec Security Response, told CNET today. The malware looks for converters from either a company in Finland or Tehran, Iran.
"Stuxnet is watching these devices on the target system that is infected and checking what frequency these things are running at," looking for a range of … Read more
A Slovakian antivirus company with its American headquarters in San Diego is trying to make good cybersecurity just as much a part of the local fabric as good beaches and Chargers football.
Eset launched the Securing Our eCity program with the San Diego Chamber of Commerce two years ago to offer free workshops to consumers and small businesses on how to stay safe online. Today it has become a model for similar initiatives being launched in Malaysia, Buenos Aires, and London. And it helped with the creation of the Stop Think Connect campaign launched last week as part of National … Read more
In a record Patch Tuesday, Microsoft released updates today for Windows, Internet Explorer, and the .NET framework that feature fixes for 49 holes, including one being exploited by the Stuxnet worm.
Microsoft recently fixed two of the four unpatched holes being used by Stuxnet to spread to Windows-based machines. The malware ultimately targets systems running software from Siemens that is used in critical infrastructure operations. Today's release plugs one (MS10-073) of the remaining two holes and the company said in a blog post that the final hole will be addressed in an upcoming security bulletin.
Meanwhile, Microsoft provided a … Read more