Vulnerabilities and attacks

Adware has become a somewhat concerning issue on Android, a new study from security firm Lookout has discovered.

According to the security company, over the last year alone, over 1 million American Android users have unknowingly downloaded adware. What's worse, 6.5 percent of the free applications available in the Google Play marketplace now contain adware of some sort.

Adware isn't exactly the easiest topic to define, since there's a gray area between what's proper ad practice and what's not. However, Lookout says that there are a few key hallmarks that turn seemingly innocuous ads … Read more

Mobile malware creators and smartphone makers seem to be in a neck-and-neck software race, but new data shows that the malware creators could be taking the lead.

Juniper Networks released its third annual Mobile Threat Report on Tuesday and the findings aren't pretty. Mobile malware grew at a rate of 614 percent from March 2012 to March 2013 -- that's equal to 276,259 malicious apps floating around out there. Last year, the increase was a mere 155 percent.

The report is based on an analysis of more than 1.85 million mobile apps and vulnerabilities across major … Read more

South Korea has suffered its latest cyberattack, and one that marked the 63rd anniversary of the start of the Korean War.

The country's science ministry said that multiple government and private sites were hit in Tuesday's hacking, the Associated Press has reported. Included in the attack were the site for the country's presidential Blue House and several media servers.

The South Korean government said that it's investigating further and has urged officials and citizens to secure their computer systems, the AP added.

No potential suspects were named in the attack. But North Korea would likely top … Read more

Facebook is alerting 6 million of its users that their e-mails or phone numbers were inadvertently shared with other members.

The social network said Friday that it has discovered and patched a bug in its "Download Your Information" tool that unintentionally exposed some members' contact details. The bug was reported earlier this month through the company's White Hat program, which rewards security researchers for reporting vulnerabilities. The bug was fixed within 24 hours, a company spokesperson told CNET.

"It's ... something we're upset and embarrassed by," Facebook said in a note published to its … Read more

ExploitShield launched in September 2012 (covered previously by Seth Rosenblatt) with an ambitious goal: to close the yawning security gap for zero-day threats, those nasty exploits that arise upon first notice of a security vulnerability in a browser or other application before developers can fix the hole. Today, the ExploitShield technology gained a lot more visibility as it was acquired by security-software publisher Malwarebytes, whose Malwarebytes Anti-Malware software has been a Top 10 product on Download.com for many years.

As a result of the purchase, Malwarebytes has released a new beta version of the software, now called Malwarebytes Anti-Exploit. … Read more

Yahoo's plan to recycle old user IDs has prompted some concern among security experts who fear hackers could take advantage. But Yahoo says their fears are unfounded.

Speaking to Reuters in an interview published on Thursday, Yahoo senior director for consumer platforms, Dylan Casey, said that he's "aware" of the concerns over identity theft, but his company has "gone through a bunch of different steps to mitigate that concern."

Yahoo announced last week that it's resetting all user IDs that have been inactive over the last 12 months starting in July. The company … Read more

In the past year, estranged antivirus kingpin John McAfee has been accused of being many things -- madman, drug addict, and murderer, just to name a few -- but as the video below proves, you certainly can't accuse him of taking himself too seriously.

In the very NSFW four-minute clip, McAfee slams the software he created (but has had not contact with for more than a decade, as he points out) for its tendency to update itself at the most inconvenient times and ultimately offers an, uh, unorthodox method for uninstalling it.… Read more

BlackBerry has issued a security advisory notice to those who have bought its flagship Z10 touchscreen smartphone -- the first BlackBerry 10 device to launch following the company's bid for revival, back in February.

The advisory, which was issued last week, notes a bug that relates to BlackBerry Protect, its security and backup utility, rather than the phone's operating system itself. 

According to the advisory, an escalation of privilege vulnerability exists in the software of some Z10 phones that could allow a malicious app to "take advantage" of weak permissions in the in-built … Read more

The U.S. government had been hacking into computers in Hong Kong and China for years, says NSA whistleblower Edward Snowden.

The former CIA employee stirred up a hornet's nest recently when he leaked details about PRISM, a National Security Agency program that collects certain user information from Internet companies and phone service providers in an effort to track down terrorists.

In an interview with the South China Morning Post, Snowden said that PRISM actually extends to people and institutions in Hong Kong and mainland China. The NSA itself has been hacking into computers in Hong Kong and China … Read more