Malware

(get it in RSS or Atom)

Adobe gets second Flash zero-day patch ready 2 days early!

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash.

The patch is now ready via auto-update - 2 days early!

Psychological profile-based security - could it work?

Image of psychedelic background brain courtesy of Shutterstock.

Fujitsu's working on technology that can assign security countermeasures based on a user's psychological profile and risk tendencies - warning them ahead of time, before an attack can be carried out successfully.

Adobe issues emergency fix for Flash zero-day

Crooks are reportedly using a new Flash vulnerability called CVE-2015-0310.

Adobe has a fix already, so grab it while it's hot!

Why the US was so sure North Korea hacked Sony: it had a front-row seat

US and North Korea. Image courtesy of Shutterstock.

A newly released, top-secret document traces the NSA's infiltration of North Korean systems back to 2010, when it piggybacked on South Korean "implants" on North Korea's networks and "sucked back the data".

Cops arrest another man after Christmas PlayStation/Xbox DDoS

Arrest. Image courtesy of Shutterstock.

Police have arrested a second man in connection with the Lizard Squad's Grinch-like Christmas attack on gamers.

Barack Obama proposes shielding companies that share cyber threat data

Obama proposes new cybersecurity legislation to target identity theft, DDoS

President Obama on Tuesday proposed new cybersecurity legislation that would put cybercrime on par with racketeering and would protect companies from getting sued if they share computer threat data with the government.

"Obamacare" phishing email leads to banking malware‏

dol-fake-250

Unfortunately, official emails and web bulletins are a handy source of believable content for scammers.

This time, it's a Department of Labor bulletin "borrowed" to help distributed a variant of the infamous Vawtrak banking malware.

Phish of the Week - when adjectives just aren't enough

We aren't really supposed to chuckle at spams and scams.

But here's a phishing story that will make you smile yet still be educational...

"Dear Facebook, I DEMAND that you ignore my demands" - 60 Sec Security [VIDEO]

Our weekly security news video, for your viewing pleasure.

Fun with a serious side, in just one minute...watch now!

'Sloppy' North Korean Sony attackers let their IP addresses slip, says FBI

FBI: 'Sloppy' North Korean Sony attackers let their IP addresses slip

FBI director James Comey has stuck to the bureau’s conclusion that the North Korean government is behind the mammoth cyber attack on Sony Pictures, giving out a few more crumbs to explain his conviction.

Thunderstrike - new Mac "ueberrootkit" could own your Apple forever‏

apple-worm-250

Security researcher Trammell Hudson wondered how deeply you could embed a rootkit into a Mac.

Forget hacking the kernel, or even the boot sector...what about targeting the Boot ROM chip itself?

SSCC 180 - Surely zero-days come from cybercrooks, not from Silicon Valley? [PODCAST]

Enjoy the first 2015 episode of our popular weekly security podcast.

In this episode: zero-day politics, leaky security features, Bitcoin news, and a shout out to our New Year #sophospuzzle winners!

Malware infection suspected at ISC, providers of the BIND DNS server software

The Internet Systems Consortium, better known as ISC, thinks it might have had a malware infection.

An insecure installation of WordPress seems to be behind the problem...

Have the cops busted one of the Lizard Squad?

liz-250

The "Lizard Squad" took out Microsoft's and Sony's games networks on Christmas Day.

Everyone involved knew in advance that law enforcement would be *very* interested in whodunnit...

SSCC 179 - What kind of a name is "Lizard Squad"? [PODCAST]

Here's the latest episode of our regular security podcast.

This week: phishing, spamming, zombification, SCADA and the Internet of Things, and the curiously named cybervandals that go by "Lizard Squad."

From Facebook, through iPhones and Androids, to Macs - make the safest start to 2015!

Are you looking to turn over a new security leaf yourself in 2015, or trying to convince your friends and family to do so?

Here are some great places to start...

Can malware and hackers really cause giant physical disasters?

Could you really have a hacker or malware initiated meltdown?

Yes, says the 2014 report of the German Office for Information Security...

Yes, I got an iTunes gift card for Christmas - but HOW DID THE CROOKS KNOW THAT?

You *are* being doubly cautious for phishing campaigns over the holiday season, aren't you?

Spammers and scammers don't have to know anything about you to hit the bullseye in what might feel like a targeted attack.

The email that caused a literal meltdown - 60 Sec Security [VIDEO]

Enjoy the last episode of "60 Second Security" for 2014!

Learn from the week's news in just one minute...