Bredolab-infected PCs downloading fake antivirus software
A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear to have completely dissolved the Bredolab botnet, but it is unlikely to recover.
A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear to have completely dissolved the Bredolab botnet, but it is unlikely to recover.
A bug in Apple's iPhone OS gives thieves a way to unlock stolen iPhones and make telephone calls.
MacRumors reported today a security flaw in iOS 4.1 that would allow someone to bypass the 4-digit passcode lock in order to access the Phone app. While the home screen and other apps appear to remain secure, access to the Phone app is no small prize, granting the unauthorized user the ability to view or edit contacts and voicemails, as well as make non-emergency calls. You can also apparently start Voice Control to play music or *gasp* ask what time it is.
Dutch police took unprecedented action in taking down a botnet on Monday: They uploaded their own program to infected computers around the world, a move that likely violated computer crime laws.
Google has added notification for phishing URLs to its service that lets administrators know if their networks have been compromised.
Microsoft released its largest-ever set of security patches Tuesday, fixing a total of 49 bugs in products such as Windows, Internet Explorer and Office.
Smartphone exploits are coming, as cybercriminals start to figure out how to make money by hacking mobile devices, two mobile security experts said Tuesday.
Despite dozens of recent arrests targeting large online fraud organizations, other criminals are continuing to use the Zeus Trojan and other Web tools to steal identities and money from Internet users, one cybersecurity expert said Tuesday.
The Zeus botnet remains a robust network that is difficult to destroy despite an international sting operation that saw dozens arrested this week for allegedly stealing money from online bank accounts.
A new cyberattack exercise hosted by the U.S. Department of Homeland Security this week reflects the increasingly sophisticated attacks U.S. agencies and businesses face, DHS officials said.
A U.K. company is seeking to displace penetration testing companies with an appliance and software that can frequently test whether security devices are catching bad network traffic and exploits.
Twitter has put a stop to a worm that posted obscene messages to victims' Twitter feeds. It's the second worm attack the site has suffered in a week.
A serious security flaw was apparently found on Twitter on Tuesday but was quickly fixed.
It should go without saying that pen testing is one of the most important pieces of an IT security shop's vulnerability management program. And yet it's something that was <a href="http://www.csoonline.com/article/468766">declared a dead art by Fortify Co-founder Brian Chess</a> a couple years ago.
Secunia has updated its Personal Software Inspector (PSI) with the ability to silently download and apply patches from multiple vendors soon after their release. PSI 2.0 is now available in an open beta test,