Desktop security - News, Features, and Slideshows

News

• Researchers bypass the restrictions of Mac OS X default sandbox profiles

  The restrictions imposed by Mac OS X generic application sandbox profiles can be easily bypassed, researchers from Core Security Technologies found.

• Duqu exploits zero-day Windows kernel vulnerability to infect computers

  Security researchers from the CrySyS laboratory in Hungary have located an installer for Duqu, the <a href="http://www.pcworld.com/businesscenter/article/242114/duqu_new_malware_is_stuxnet_20.html">Stuxnet-inspired threat</a> that has kept the security industry on its toes for the past couple of weeks, and determined that it exploits a previously unknown vulnerability in the Windows kernel.

• Exploit-powered Android Trojan uses update attack

  A new variant of the DroidKungFu Android Trojan is posing as a legitimate application update in order to infect handsets, according to security researchers from Finnish antivirus vendor F-Secure.

• Adobe to fix Flash flaw that allows webcam spying

  Adobe is working on a fix for a Flash Player vulnerability that can be exploited via clickjacking techniques to turn on people's webcams or microphones without their knowledge.

• Peer-to-peer update to Zeus Trojan confers resistance to take-downs

  The Zeus financial malware has been updated with P-to-P (peer-to-peer) functionality that makes it much more resilient to take-down efforts and gives its controllers flexibility in how they run their fraud operations.

• German officials admit to deploying intercept software

  Officials in a number of German state governments have owned up to using the Quellen-TKÜ Trojan Horse software in criminal investigations to intercept encrypted telecommunications on PCs. At least one state said it has suspended use of the software, after the Chaos Computer Club discovered that it could be controlled by anyone, not just law enforcement officers.

• Facebook's URL scanner is vulnerable to cloaking attacks

  Members of a hacking think-tank called Blackhat Academy claim that Facebook's URL scanning systems can be tricked into thinking malicious pages are clean by using simple content cloaking techniques.

• SpyEye steals banking codes by sending them to wrong phone

  Researchers from browser security vendor Trusteer have identified a new variant of the SpyEye financial Trojan that tricks online banking users into changing the phone numbers associated with their accounts.

• XSS web attacks could live forever, researcher warns

  Websites that accidentally distribute rogue code could find it harder to undo the damage if attackers exploit widespread browser support for HTML5 local storage and an increasing tendency for heavy users of Web apps never to close their browser.

• 'Lurid' malware hits Russia, CIS countries

  The latest espionage-related hacking campaign detailed by security vendor Trend Micro is most notable for the country it does not implicate: China.

• Anonymous breaches another US defense contractor

  The politically oriented hacking group, Anonymous, has released 1GB of what is says are private e-mails and documents from an executive of a U.S. defense company that sells unmanned aerial vehicles to police and the U.S. military.

• As targeted e-mail attacks proliferate, companies wince

  The strange e-mails arrived in executives' inboxes around the same time that the Australian oil company was negotiating a deal with a Chinese energy company.

• Researcher: Threats from zero-day exploits overhyped

  Computers lacking patches for long-known vulnerabilities potentially face more of a hacking risk than from zero-day exploits, or attacks targeting vulnerabilities that haven't been publicly disclosed, according to new research from Secunia.

• After RSA breach, are SecurID tokens in jeopardy?

  The intrusion by hackers of security giant RSA, a unit of EMC, has left customers and analysts wondering if it is still safe to use millions of the one-time passcode tokens used to log into enterprise IT systems.

• Notorious spamming botnet, Rustock, takes a fall

  A large network of hacked computers called Rustock, which was responsible for a great volume of spam, has shut down, perhaps as a result of another coordinated take down by security researchers.