By Chris Strohm A previously unknown hacking group believed to be based in Iran has started cyber attacks inside the U.S., according to Mandiant Corp., a security company that’s linked China’s army to similar activity. The Iranian group emerged within the last six months and has infiltrated the networks of at least

 [More]

Fraudster who hired hackers to manipulate stock prices goes to prison The central organizer of a worldwide conspiracy to manipulate stock prices through a “botnet” network of virus-controlled computers was sentenced today to 71 months in prison and was ordered to pay a $30,000 fine. 44-year-old Texas resident Christopher Rad was previously

 [More]

By Jordan Robertson The hackers often struck late on Fridays, starting about a year ago, sending skeleton crews at more than a dozen European banks rushing to keep bombardments of digital gibberish from crashing their websites. Damaging as the bandwidth-choking attacks were, they were merely smokescreens. Once employees dropped their guard to

 [More]

Researchers at Northwestern University and North Carolina State University have discovered that anti-virus programs for Android can usually be bypassed using trivial means. The researchers developed DroidChameleon, a tool that can modify known malware apps in numerous ways to prevent them from being detected. Most of the ten scanners they tested mainly

 [More]

Despite the average number of serious vulnerabilities per website declining in 2012, 86 per cent of all websites tested were found to have at least one serious vulnerability that exposed it to attack. According to correlated vulnerability data from more than 650 organisations' websites by WhiteHat Security, ‘serious' vulnerabilities per website went

 [More]

by Michael Mimoso The United States Department of Labor website is the latest high-profile government site to fall victim to a watering hole attack. Researchers at a number of security companies reported today that the site was hosting malware and redirecting visitors to a site hosting the Poison Ivy remote access Trojan.

 [More]

by Brian Donohue For at least the third year in a row, the number of serious vulnerabilities per website has fallen. That sounds like good news until you look at the numbers and realize that the average website carried an astonishing 56 holes in 2012, according to statistics compiled by WhiteHat Security

 [More]

The Google Play store has been an Eden for hackers wanting to get malicious code onto Android devices. A number of things made the marketplace too tempting for attackers to resist, including the open source nature of the operating system, lax vetting of developers, and the ability to modify code in runtime

 [More]

Webroot has detected a new wave of bogus Microsoft-themed cyber scams, looking to dupe web users with bogus security notifications. The security firm reported detecting a number of scams targeting users with malware-laden messages masquerading as alerts from Microsoft in a blog post on Tuesday. "Recently we have seen an increase in

 [More]

Experts from Core Security have identified several vulnerabilities in D-Link IP cameras that can be exploited by cybercriminals for various purposes. The list of vulnerabilities includes OS command injection, authentication flaws, information leakage, and the use of hard-coded credentials. These security holes can be leveraged to execute arbitrary commands from the administration

 [More]