In a new twist to ‘rogueware’, Panda Security has warned that its cloud antivirus product name is being used to mask a particularly unpleasant trojan called DarkAngle. While victims may believe that they are installing anti-malware, they may actually b…
Microsoft will reject ‘weak’ digital certificates from tomorrow
A weak digital certificate is defined as one signed with an RSA key of less than 1024 bits. Since it is now generally accepted that keys of a lesser length can be brute-forced with modern computing power, Microsoft is upping the ante by forcing a move …
American think tanks hit in wide-scale cyber-espionage push
American think tanks are becoming a big intelligence target for hackers from China and other countries, according to Rep. Mike Rogers (R-Mich.), chairman of the US House Intelligence Committee.
Top Android malware is adding features to cast a wider, more difficult-to-detect net
Android malware for premium SMS fraud continues to grow as a category, and most of it rests on the shoulders of one family of malware: Android.FakeInstaller. However, while FakeInstaller is well-known and included in mobile security software, hackers a…
Microsoft buys authentication firm PhoneFactor
Microsoft has bought the multi-factor authentication (MFA) company PhoneFactor. Financial terms of the deal have not been released. PhoneFactor will largely continue as is until its products are ‘onboarded’ into the Microsoft Volume Licensing programs….
Data loss, Wi-Fi and NFC identified as top mobile security concerns
Data loss is the biggest mobile security danger, reveals a new Cloud Security Alliance (CSA) report, but emerging concerns include rogue Wi-Fi access points and Near-Field Communications (NFC) exploitation.
Profile Stalker – an application that spams on Tumblr
gr8brittyn posted on Tumblr, “Guys I’m really sorry for the Profile Stalkr spam. If you haven’t already, DON’T CLICK IT. I literally cannot figure out how to stop it — and if you try to delete the posts, they’re instantly reposted. I can’t edit them, d…
HMRC choses CPA-accredited encryption
HM Revenue and Customs (HMRC) chooses CPA over CAPS for its encryption – both CESG-administered security accreditation schemes – and saves the British tax-payer £2.4 million.
Universal man in the browser malware allows real-time information processing
Hackers who employ the man-in-the-browser (MiTB) gambit to steal information from computer systems have found a way to more efficiently cast their net. According to researchers at Trusteer, a new strain of MiTB malware can adopt a “one-size-fits-all” a…
Fusion Center fail, says Senate Report
A US Senate Committee has produced a 140+ page report analyzing the operation and achievements of the hugely expensive fusion center programme – and is far from satisfied with what it finds.