Malware

(get it in RSS or Atom)

Co-creator of Blackshades malware used to spy on Miss Teen USA pleads guilty

Blackshades malware co-creator pleads guilty, facing 10 years in jail

Alex YĆ¼cel has pleaded guilty to his involvement with the $40 program designed to secretly remotely control victims' computers.

How to get rid of the Lenovo "Superfish" adware

Here's how to get rid of the "Superfish" adware that was pre-installed on some Lenovo notebooks.

Lenovo "Superfish" controversy - what you need to know

sf-250

Controversy of the week is "Superfish," an adware program pre-installed on Lenovo computers that has some worrying security problems.

Here's what you need to know, in plain English...

Firefox to get a "walled garden" for browser extensions, Mozilla to be sole arbiter

Mozilla has announced that its Firefox browser is heading towards signed browser extensions only.

Even if you publish your extensions "off market," you'll have to get Mozilla to sign them first.

Update Tuesday wrap-up, February 2015 - don't let JASBUG distract you

patch-tuesday-denim-250

Be careful!

The JASBUG vulnerability in Windows is grabbing the headlines, but there are other bugs this month that could hit you harder.

Paul Ducklin explains...

"Facebook porn Trojan" - here's how NOT to get caught

ffvid-250

You receive a Facebook posting that offers you something saucy, you click through to the website...

...and guess what happens next?

More iCloud phishing: don't get sucked in

It's easy to justify checking out spams and scams, on the "better safe than sorry" principle.

Don't do it!

You just end up one click closer to catastrophe.

Cat and mouse game is over for Japanese death threat hacker

Cat. Image courtesy of Shutterstock.

A Japanese programmer, who taunted police by leaving clues in a memory card that he tucked into the collar of a cat found wandering an island off Tokyo, has been sentenced to 8 years in jail.

SSCC 184 - What's the lifespan of a GHOST? [PODCAST]

chet-chat-logo-featured-250

Our weekly security podcast - the latest news in 15 minutes, entertaining *and* educational.

Enjoy!

New-style ransomware locks out your customers - demands money to let them log back in

key-250

The crooks took a low-key, annoyingly simple, and hard-to-spot approach.

Change usernames like JIMMY to FKOVWH3Z7LUV, but hide the changes...for a while, anyway.

"Exploit This": Evaluating the exploit skills of malware groups

exploit-this-paper-250

SophosLabs researcher Gabor Szappanos compares APT actors and cybercrooks.

A comparative review of malware writers!

A fascinating study, well worth a read...

News Flash! 3rd time unlucky! New 0-day hits Adobe's browser plug-in...

Ready to kiss goodbye to Flash in your browser yet?

Here's the 3rd zero-day in Flash since Adobe's last Patch Tuesday...

ZeroAccess click fraud botnet coughs back to life

ZeroAccess

The once-mighty "ZeroAccess" botnet is now only a shadow of its former self, but its reputation alone still makes it a headline grabber...

SSCC 183 - It's Data Privacy Day! Do something! [PODCAST]

chet-chat-logo-featured-250

From Apple's latest OS X and iOS updates to Data Privacy Day - listen, learn and enjoy!

Adobe gets second Flash zero-day patch ready 2 days early!

Good news from Adobe about CVE-2015-0311, the unpatched zero-day in Flash.

The patch is now ready via auto-update - 2 days early!

Psychological profile-based security - could it work?

Image of psychedelic background brain courtesy of Shutterstock.

Fujitsu's working on technology that can assign security countermeasures based on a user's psychological profile and risk tendencies - warning them ahead of time, before an attack can be carried out successfully.

Adobe issues emergency fix for Flash zero-day

Crooks are reportedly using a new Flash vulnerability called CVE-2015-0310.

Adobe has a fix already, so grab it while it's hot!

Why the US was so sure North Korea hacked Sony: it had a front-row seat

US and North Korea. Image courtesy of Shutterstock.

A newly released, top-secret document traces the NSA's infiltration of North Korean systems back to 2010, when it piggybacked on South Korean "implants" on North Korea's networks and "sucked back the data".

Cops arrest another man after Christmas PlayStation/Xbox DDoS

Arrest. Image courtesy of Shutterstock.

Police have arrested a second man in connection with the Lizard Squad's Grinch-like Christmas attack on gamers.

Barack Obama proposes shielding companies that share cyber threat data

Obama proposes new cybersecurity legislation to target identity theft, DDoS

President Obama on Tuesday proposed new cybersecurity legislation that would put cybercrime on par with racketeering and would protect companies from getting sued if they share computer threat data with the government.