malware

Hackers send bogus tweets from '60 Minutes' account

The Twitter accounts for CBS News programs "60 Minutes" and "48 Hours" were used by hackers earlier today to send out messages accusing the U.S. of aiding terrorists, the network confirmed.

"We have experienced problems on Twitter accounts of #60Minutes & @48Hours; We apologize for the inconvenience; Twitter is resolving issues," read a tweet from @CBSNews. Read another from @60Minutes: "PLEASE NOTE: Our Twitter account was compromised earlier today. We are working with Twitter to resolve."

Bogus messages tweeted from the hacked accounts included this one from the @60Minutes account:

Exclusive: … Read more

ACLU to FTC: Mobile carriers fail to provide good Android security

The America Civil Liberties Union filed a complaint with the Federal Trade Commission today asking the agency to investigate the four major mobile carriers' security practices in regards to smartphones.

The civil liberties group claims that AT&T, Verizon, T-Mobile, and Sprint are not doing enough to protect users' private and personal data -- specifically on Android devices. The gist of the complaint (PDF) is that these carriers aren't providing users with timely security updates, which the ACLU says is akin to "deceptive and unfair business practice."

"The major wireless carriers have sold millions of … Read more

Targeted cyberattacks jump 42 percent in 2012, Symantec says

Internet users are seeing less spam but more targeted attacks, according to security software company Symantec.

Looking at last year's security landscape, Symantec's Internet Security Threat Report 2013 found that traditional spam accounted for 69 percent of all e-mail in 2012, down from 75 percent in 2011. Yet, 30 billion spam messages are still sent on a daily basis.

Junk e-mails that hawk sex or dating products and services now account for 55 percent of all spam, taking the top spot away from pharmaceutical spam.

Malware is also part of one out of every 291 e-mail messages, with … Read more

Windows 8's rising security tide raises all antivirus boats

In one of the first independent tests of third-party security suites on Windows 8, nearly all antivirus and anti-malware software tested well. What may surprise you is that even without a third-party suite, Windows 8 is relatively resistant to modern threats like zero-day attacks, according to the report.

Independent German security suite evaluators AV-Test.org publish bimonthly tests that rate the effectiveness of the biggest Windows security suites out there and rated all 26 of the suites they tested on Windows 8 in January and February as "certified," including Windows 8 itself. This is because Windows 8 comes … Read more

Who wrote the Flashback Trojan?

In September 2011, security companies first noticed a new malware scam for OS X, which posed as a fake Adobe Flash installer, and hence became known as Flashback. Unlike prior scams, this malware took on some new approaches to tricking users by infecting common browsers, disabling Apple's XProtect system, and eventually morphing into a Java-based exploit that resulted in approximately 600,000 Macs being infected worldwide.

The Flashback malware has been seen as one of the more widespread and successful attacks on the OS X platform, but while it was eventually snuffed out a year later, it left everyone … Read more

How you may have inadvertently participated in recent DDoS attacks

The risk that an Internet-connected computer is infected with malware will never be reducible to zero. It's just the nature of software that errors happen. Where there are software-design errors, there are people who will exploit those errors to their advantage.

The best PC users can hope for is to minimize the chances of an infection and to mitigate the damage a piece of malware can inflict -- whether it intends to steal a user's sensitive data or to commandeer the machine as part of a cyber attack on servers thousands of miles away.

Last week, Internet users … Read more

New Microsoft study says your software is counterfeit

In a new IDC white paper commissioned by Microsoft, cleverly titled "The Dangerous World of Counterfeit and Pirated Software: How Pirated Software Can Compromise the Cybersecurity of Consumers, Enterprises, and Nations...and the Resultant Costs in Time and Money" ( full PDF), there's a boatful of interesting statistics around "the prevalence of malicious code and unwanted software -- such as viruses, Trojan horses, keystroke-capturing software, authentication backdoors, and spyware -- in pirated software and on the Web sites and peer-to-peer (P2P) networks where such software is found."

"[U]sing information from a 10-country survey of … Read more

Apple fights Yontoo Trojan with XProtect update

Following news of the new adware Web plug-in Trojan found to be affecting OS X systems, Apple has released an XProtect malware definitions update to protect anyone who stumbles across it.

The Trojan, called Yontoo, is initially disguised as a media player or download manager plug-in and distributed on underground file-sharing and movie trailer Web sites. When installed it pretends to be a player called Twit Tube but installs the Yontoo plug-in. This plug-in will work in all Web browsers to track your browsing behaviors and then present ads on legitimate Web sites.

Unlike other malware that can hide itself … Read more

South Korean cyberattack may not have come from China

South Korea apparently still has a mystery on its hands. Who launched a cyberattack against several of its banks and broadcasters this week?

Regulators for the country initially pointed the finger at China, saying that the attacks originated from a Chinese IP address. But they admitted today that they jumped the gun.

The IP address used in the attack was actually traced to one of the banks hit on Wednesday. South Korea's NongHyup Bank had been using the address as a virtual one for its internal network, according to Reuters. By coincidence, that address matched one registered in China.… Read more