Malware

CANCUN, MEXICO -- A panel of top law enforcement officers in charge of cyber criminal investigations reveals that the guys with the white hats face an uphill climb if they want to take down cyber criminal kingpins, with outdated laws and processes on the one hand, and an increasingly skeptical and privacy-conscious public on the other. Read more »

After a couple of years of seeing headlines announcing a steady stream of pieces of malware and trojaned apps appearing the Android Market, Google finally has taken steps to find and remove malicious apps from the market automatically. The company has unveiled a service called Bouncer that scans apps and looks for known malware as well as potentially malicious behavior. Read more »

CANCUN--Facebook is a lot of things, and one of the things that it's become of late is a fertile green field for attackers and scammers of all stripes. The Koobface worm is perhaps the most famous threat to hit the network, but the more mundane ones, such as scammers generating fake profiles automatically to spread spam and malicious URLs are becoming more and more prevalent, researchers say. Read more »

A new report finds that the 'bad guys' are winning, and that most nations are ill-prepared for crippling cyber attacks. Read more »

Researchers have identified a strain of malware that's being used in a string of targeted attacks against defense contractors, government agencies and other organizations by leveraging exploits against zero-day vulnerabilities. The attacks may have been going on since 2009 in some form and the emails containing the malicious attachments are specifically targeted at executives and officials in various industries using fake conference invitations. Read more »

UPDATE--The Kelihos botnet, which researchers at Kaspersky Lab and Microsoft disrupted last fall by sinkholing the control channel, has sprung back to life and is using only slightly different versions of the original malware and controller list. The rejuvenation of the botnet illustrates the difficulty of permanently disabling these networks and the perseverance of the attackers who count on them for their livelihood. Read more »

Security firm Symantec is sounding the alarm about a mobile device threat they call 'Counterclank,' a Trojan horse program that they say may have infected as many as five million devices through downloads on the Official Android Market. However, other security researchers aren't so sure, and wonder whether Counterclank isn't anything more than an aggressive advertising campaign. Read more »

Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the Wordpress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems. Read more »

The groups of attackers that employ the Zeus toolkit for their scams and malware campaigns have long used sites in the .ru Russian TLD as homes for their botnet controllers. Security researchers and law enforcement agencies have had a difficult time making headway in getting these domains taken down, but now it seems that some changes in the way that the Russian organization in charge of the .ru domain is enforcing rules for fraudulent domains is forcing attackers to move to a long-forgotten TLD owned by the former Soviet Union. Read more »

Ralph Langner is the closest thing to a rock star that you get in the Dockers and pocket-protector world of industrial control systems. The German researcher made headlines in 2010 as among the first security experts to analyze parts of the Stuxnet worm's code devoted to manipulating programmable logic controllers by Siemens, and the first to explicitly link the Stuxnet malware with an effort to disable Iran's uranium enrichment operation.

 Read more »