Monday, August 25, 2014

Attack targets auto industry firms in Europe #malware

Cybercriminals are using a new information-stealing malware program to target companies from the automobile industry in Europe, security researchers warned.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1p9lclP

Shadow cloud services pose a growing risk to enterprises #malware

A growing tendency by business units and workgroups to sign up for cloud services without asking their IT organization creates serious risks for enterprises.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1AMQkKK

Friday, August 22, 2014

More Malware and Vulnerabilities News #malware

View more Malware and Vulnerabilities news and analysis from Computerworld.com



from Computerworld Malware and Vulnerabilities News http://ift.tt/1fi9Ukh

US warns 'significant number' of major businesses hit by Backoff malware #malware

More than 1,000 major enterprise networks and small and medium businesses in the U.S. have been compromised by a recently discovered malware package called "Backoff" and are probably unaware of it, the U.S. Department of Homeland Security (DHS) said in a cybersecurity alert on Friday.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1l1ONfR

Microsoft engineer: 'Definitely problems' with test process after crippling Windows patch #malware

A week after Microsoft pulled a Patch Tuesday update that crippled some Windows 7 PCs, the company has yet to provide a working fix for either the original flaw or the resulting problem.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1s9JZDW

Wednesday, August 20, 2014

UPS now the third company in a week to disclose data breach #malware

Credit and debit card information belonging to customers who did business at 51 UPS Store Inc. locations in 24 U.S. states this year may have been compromised.



from Computerworld Malware and Vulnerabilities News http://ift.tt/YBH8ec

The UPS Store says malware found on systems of 51 stores #malware

The UPS Store said Wednesday that malicious software was found on the systems of 51 of its franchises in 24 U.S. states, although no fraud has been detected yet.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1mnEgao

'Reveton'ransomware adds powerful password stealer #malware

A type of malware called Reveton, which falsely warns users they've broken the law and demands payment of a fine, has been upgraded with powerful password stealing functions, according to Avast.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1sUeHVE

Tuesday, August 19, 2014

Kicking the stool out from under the cybercrime economy #malware

Put simply, cybercrime, especially financial malware, has the potential to be quite the lucrative affair. That's only because the bad guys have the tools to make their work quick and easy, though. Cripple the automated processes presented by certain malware platforms, and suddenly the threats -- and the losses --aren't quite so serious.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1lfo7sG

Monday, August 18, 2014

Update: Microsoft pulls crippling patch from Windows Update #malware

Although Microsoft has pulled a patch from Windows Update that crippled some computers, it is still pushing a truncated version of the security update that contained the flawed fix.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1oJvxEV

Sunday, August 17, 2014

Microsoft urges customers to uninstall 'Blue Screen of Death' update #malware

Microsoft is quietly recommending that customers uninstall one of last week's security updates after users reported that it crippled their computers with the infamous "Blue Screen of Death."



from Computerworld Malware and Vulnerabilities News http://ift.tt/1pCXn4S

Friday, August 15, 2014

Grocery stores in multiple states hit by data breach #malware

A data breach at Supervalu Inc., one of the largest grocery wholesalers and retailers in the U.S., could affect thousands of people who shopped at the company's stores in June and July.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1t6TS6R

Heartbleed software flaw exposes weaknesses in hardware design #malware

Heartbleed may have been a software bug, but it highlighted glaring weaknesses in existing hardware architectures, which remain vulnerable to memory-bound attacks, a university researcher said this week.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1phHqAJ

Thursday, August 14, 2014

Google broadens its malware sleuthing to sniff out deceptive downloads #malware

Google is expanding its safe browsing technology to notify Web users of downloads that appear benign, but actually make unwanted changes to their computers.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1BhvBzK

The biggest iPhone security risk could be connecting one to a computer #malware

Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it's far from perfect.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1l5iDjV

Wednesday, August 13, 2014

BlackBerry patches vulnerabilities in BlackBerry OS, enterprise server software #malware

BlackBerry's focus on strong security as a key differentiator for its devices does not mean that they're completely free of flaws. The company released security updates Tuesday for both the OS running on its smartphones and for its enterprise server software.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1usZwDr

Snowden reveals automated NSA cyberwarfare program #malware

The U.S. National Security Agency has a cyberwarfare program that hunts for foreign cyberattacks and is able to strike back without human intervention, according to NSA leaker Edward Snowden.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1usZtYc

Users told to patch critical flaw in Adobe Reader and Acrobat #malware

Adobe Systems has released security patches for its Flash Player, Reader and Acrobat products, addressing a total of eight vulnerabilities, including one that is being exploited by attackers.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1sYGm5n

Users should patch critical flaw in Adobe Reader and Acrobat, researchers say #malware

Adobe Systems has released security patches for its Flash Player, Reader and Acrobat products, addressing a total of eight vulnerabilities, including one that is being exploited by attackers.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1oMccCb

Malware no longer avoids virtual machines #malware

Many malicious software programs used to make a quick exit on virtual machines, a tactic designed to avoid a security check. But that isn't the case anymore, according Symantec research.



from Computerworld Malware and Vulnerabilities News http://ift.tt/Y43HIh

Tuesday, August 12, 2014

Microsoft's Patch Tuesday updates focus on Internet Explorer #malware

Microsoft has issued 29 patches for its Internet Explorer browser, including one fixing a critical vulnerability that would allow a remote attacker to gain access to a computer from over the Internet.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1up3L2D

15 new vulnerabilities reported during router hacking contest #malware

Routers appear to be as insecure as ever, after hackers successfully compromised five popular wireless models during a contest at the DefCon 22 security conference, reporting 15 new vulnerabilities to affected vendors.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1ysoFvD

Amazon protects its virtual desktops with two-factor authentication #malware

Amazon Web Services now lets enterprises use two-factor authentication to better protect hosted WorkSpaces virtual desktops.



from Computerworld Malware and Vulnerabilities News http://ift.tt/Y0aqDe

Monday, August 11, 2014

Security Manager's Journal: Peering behind the firewall #malware

The corporate firewall is like a dike keeping out a raging sea of malware. Where does it all come from?



from Computerworld Malware and Vulnerabilities News http://ift.tt/XcNyA9

Mobile chips face lockdown to prevent hacks #malware

Chip makers want to make hardware the first layer of defense against data breaches and other attacks on tablets and smartphones.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1lOt5Hr

Sunday, August 10, 2014

Home routers supplied by ISPs can be compromised en masse #malware

Specialized servers used by many ISPs to manage routers and other gateway devices provisioned to their customers are accessible from the Internet and can easily be taken over by attackers, researchers warn.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1yjFZ5Y

Friday, August 8, 2014

PCI Security Council moves to boost service providers' credit card security #malware

The PCI Security Standards Council has updated its guidance to help merchants better determine whether third party service providers have implemented security measures to protect credit and debit cardholder data.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1krwqka

Some mobile POS devices still have critical flaws months after patch #malware

Security researchers demonstrated Thursday flaws that can allow hackers to take over mobile point-of-sale (mPOS) devices from different manufacturers by inserting rogue cards into them.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1sEmc0b

Thursday, August 7, 2014

Windows 8.1 biz users face patch freeze as Microsoft sets critical updates #malware

Microsoft plans to deliver nine security updates next week, incljuding a pair of critical patches for Internet Explorer and all versions of Windows.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1shN0WC

Carriers' remote control software still puts mobile devices at risk #malware

Vulnerabilities found in remote management software that carriers insist be installed on smart phones and other mobile-enabled devices they sell are likely to put many devices at risk of compromise for some time to come.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1zXGfu2

U.S. agencies halt background checks by contractor after cyberattack #malware

Two U.S. federal agencies have halted background checks with a contractor that said Wednesday its networks had been breached in a cyberattack suspected to have been coordinated by an unnamed country.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1veEqd2

Google lowers search ranking of websites that don't use encryption #malware





from Computerworld Malware and Vulnerabilities News http://ift.tt/1veEj1a

OpenSSL, critical Web encryption tool, gets nine software fixes #malware

Nine software fixes were released Wednesday for OpenSSL, a critical encryption component for exchanging data on the web, although none of the problems are as severe as the 'Heartbleed' issue found in April.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1veEeuB

Wednesday, August 6, 2014

Network-attached storage devices more vulnerable than routers, researcher finds #malware

A security review of network-attached storage (NAS) devices from multiple manufacturers revealed that they typically have more vulnerabilities than home routers, a class of devices known for poor security and vulnerable code.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1pY7TzM

IE plays security catch-up, will block outdated Java plug-ins #malware

Microsoft's Internet Explorer will begin blocking out-of-date ActiveX controls when the company updates the versions that run on Windows 7 and Windows 8 next week.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1sx69Bh

Symantec patches privilege escalation flaws in Endpoint Protection #malware

Symantec has released a patch for privilege escalation flaws in its Endpoint Protection product, and the company which found the issues released the exploit code on Tuesday.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1AUe1l6

Tuesday, August 5, 2014

Oracle issues fix for Java update that crippled some Web apps #malware

There's relief available for users who applied a recent Java update that stopped some Web applications from being able to launch.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1obiGKC

Monday, August 4, 2014

Stealthy malware 'Poweliks' resides only in system registry #malware

A new malware program called Poweliks attempts to evade detection and analysis by running entirely from the system registry without creating files on disk, security researchers warn.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1s5A7Pf

Researchers to name the most hackable cars at Black Hat #malware

A report to be released at Black Hat this week will reveal which vehicles are more susceptible to hackers.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1smUrcq

Cisco patches traffic snooping flaw in its networking gear OSes #malware

Cisco Systems said attackers could disrupt or intercept traffic in many of its networking products unless a new security update is applied to the software they run.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1sliMzu

Friday, August 1, 2014

Android vulnerability still a threat after nearly two years #malware

Security researchers have recently found a vulnerability that could be used to hijack Android apps and devices, but an older issue that can have the same effect remains a significant threat nearly two years after its discovery, according to security firm Bromium.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1tDoUWw

Attackers can easily create dangerous file-encrypting malware, new threat suggests #malware

A new program that encrypts files to extort money from users highlights that attackers don't need advanced programming skills to create dangerous and effective ransomware threats, especially when strong encryption technology is freely available.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1xL8wRB

Microsoft's EMET 5.0 puts a security leash on plugins #malware

The latest release of a Microsoft security tool that's designed to stop exploits lets administrators control when third-party plugins are launched, a long favored route for attackers.



from Computerworld Malware and Vulnerabilities News http://ift.tt/1AGLzmQ