Items Tagged with "malware"
Cross-Site Scripting (XSS) - Some Examples
January 27, 2011 Added by:Ben Keeley
A reflected XSS vulnerability is when ‘code’ is injected into a website in such a way so as to deliver a payload or to produce a result on the end users browser. Reflected XSS vulnerabilities are delivered to a victim via various means such as an email causing the user to click on a malicious URL...
Comments (1)
Intel Technology Will Eliminate Zero-Day Threats
January 26, 2011 Added by:Headlines
"The best security is a combination of hardware and software. Hardware security can be stronger and faster in some situations, but isn't as flexible as software-only mechanisms. The big change here is that it sounds like Intel is pulling security functions into the chip or the chipset..."
Comments (0)
Why Stuxnet Matters To PCI Compliance
January 25, 2011 Added by:PCI Guru
Stuxnet was not as nasty to devices that were not centrifuges, but it still caused problems. Imagine if an entity wrote an attack for a common device or protocol hoping to actually target another entity. Do you think your organization could become “collateral damage”? I would say it is highly likely...
Comments (0)
Federal Cyber Security and Short URL Vulnerabilities
January 24, 2011 Added by:Jon Stout
This threat is particularly dangerous to government networks where there are large, interrelated networks that are critical to defense and infrastructure networks. As more and more government works use Twitter and other social networks, destructive malicious activity will increase...
Comments (2)
Soundminer Trojan Listens for Credit Card Numbers
January 23, 2011 Added by:Headlines
"We implemented Soundminer on an Android phone and evaluated our technique using realistic phone conversation data. Our study shows that an individual's credit card number can be reliably identified and stealthily disclosed. Therefore, the threat of such an attack is real..."
Comments (0)
Attacking Computers and Smartphones via USB Cable
January 21, 2011 Added by:Headlines
Researchers have designed code which makes it possible to pilfer data when a smartphone is connected by USB cable with a computer. The code adds a mouse or keyboard function to the USB driver that allows the attacker to take control of the units and download files or upload malware...
Comments (0)
Bohu Trojan is Designed to Disable Cloud Antivirus
January 20, 2011 Added by:Headlines
The Bohu Trojan, which targets machines running Windows, disrupts cloud-based antivirus software by installing a filter in between the hardware and the cloud service provider. Bohu is the first generation of malware that specifically targets cloud-based antivirus software...
Comments (0)
Will IPv6 Cause Chaos for the Browsing Public?
January 19, 2011 Added by:Rafal Los
Whether you're installing a drive-by trojan malware via 0day, collecting revenue from pay-per-click schemes, or XSS'ing your way into their bank account - the goal of this game is to make money on that person. Let's face it, business is good...
Comments (0)
PDFs Now Leading Source of Malware Attacks
January 18, 2011 Added by:Headlines
Exploits utilizing the ubiquitous PDF document now account for as much as 36% of malicious code distribution, and PDFs are the leading source for web-based attacks according to Symantec's Quarterly Global Threat Report...
Comments (0)
McAfee's Top Targets for Emerging Threats in 2011
January 17, 2011 Added by:Robert Siciliano
This is McAfee Labs list comprises 2010′s most buzzed about platforms and services, all of which are expected to be major targets for cybercriminals in the coming year...
Comments (2)
Hijacked GOV and EDU Websites Serving Up SPAM
January 17, 2011 Added by:Headlines
The websites of some of the country's biggest universities, as well as several government administered sites, have been compromised and are redirecting visitors to SPAM ads. Sections of the websites contain redirected links to spoofed Google searches for fake online stores peddling everything from software to pharmaceuticals...
Comments (0)
Stuxnet Evidence Points to Joint US-Israeli Development
January 16, 2011 Added by:Headlines
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program...
Comments (0)
Left the Back Door Unlocked?
January 14, 2011 Added by:Ben Keeley
Your organization may defend against malware, may defend against password brute forcing, and possibly even be able to detect a port scan but do they defend against something as ‘good-natured’ as someone browsing the domain for open shares from a well placed sensitive server?
Comments (0)
Welcome to the Post Zeus-Stuxnet World
January 14, 2011 Added by:Brent Huston
While we were all focused on the economy last year, the entire information security threatscape suddenly changed, under the watchful eyes of our security teams. To me, the overall effectiveness, capability and tenacity of both Zeus and Stuxnet is an Oppenheimer moment in information security...
Comments (0)
Security Threats: Face the Danger
January 13, 2011 Added by:Roman Zeltser
Many professionals have revised the entire approach to security. The common denominator for all opinions is the fact that our commonly accepted approach to IT security is not working anymore due to the new and highly sophisticated penetration tools that were developed recently...
Comments (0)
Drive Encryption Useless Against Some Online Attacks
January 11, 2011 Added by:Dan Dieterle
Drive encryption is recommended, and it works very well, but just how well will it protect you from online attacks? Truth be told, in some situations it may not help you at all. I wanted to see how well drive encryption would protect a Windows XP SP3 machine from a common online Java based attack...