KIWICON
Hackers everywhere can now more easily compromise popular chat apps to steal users' webcam and audio feeds using a worm framework published online - and they even have a new zero day to help the plundering.
The framework, dubbed "Little Doctor" after the planet-annihilating super weapon of Ender's Game will compromise …
Hackers have unleashed a strain of scammer that activates on compromised computers when it encounters filenames containing strings that have been associated with child abuse clips and images.
Ransoc kicks in when it finds potential "evidence" of child abuse material or media files downloaded via torrents on the targeted …
A security researcher has discovered that when the Mac version of Shazam is switched off, it simply stops processing recorded data. The recording itself continues.
The music identification service admits the behaviour but says it only keeps recording purely for technical reasons.
Patrick Wardle, a former NSA staffer who heads …
Security researchers have discovered a "missing link" in the Mirai botnet that may prompt a rethink in what makes up the zombie network.
The release of Mirai's source code in early October revealed that malware scans for telnet before attempting to hack into devices, using a brute-force attack featuring 61 different user/ …
Small businesses faced eight times more ransomware attacks in the third quarter of 2016 than the same quarter last year, according to stats from Kaspersky Lab.
Kaspersky Small Office Security thwarted 27,471 attempts to block access to corporate data in Q3 2016, compared to 3,224 similar attacks in Q3 2015.
Ransomware makes …
The Russian Federal Antimonopoly Service (FAS) is investigating whether Microsoft abused its position in the market with Windows 10 - after Moscow-based Kaspersky complained to the watchdog and EU regulators.
In a lengthy blog post this week, the antivirus biz's founder Eugene Kaspersky argued that Microsoft deliberately used …
With half of America celebrating the victory of the Republicans and President-elect Trump, and the other half mourning the result, a targeted phishing campaign engulfed various US think tanks and NGOs the week.
Security firm Volexity spotted the attack, which began around six hours after the President-elect clinched the …
Researchers have developed a proof-of-concept worm they say can rip through Philips Hue lightbulbs across entire cities - causing the insecure web-connected globes to flick on and off.
The software nasty, detailed in a paper titled IoT Goes Nuclear: Creating a ZigBee Chain Reaction [PDF], exploits hardcoded symmetric …
At least some of the US$81 million lifted from Bangladeshi banks in recent hacks on the Society for Worldwide Interbank Telecommunication (SWIFT) inter-bank transfer network has been tracked down to a casino in the Philippines.
The February heist relied on malware dropped on a SWIFT terminal used by Bangladesh's central bank. …
A revamped version of the Torte botnet malware is turning insecure CMS servers into spam-spewing zombies.
SpamTorte 2.0 is a powerful, multi-layered Spambot that is capable of running large-scale spam campaigns while cleverly masking itself to avoid detection, security firm Verint warns.
The SpamTorte botnet relies on …
An Android Chrome bug that's already under attack - with criminals pushing banking trojans to more than 300,000 devices - won't get patched until the next release of the mobile browser.
The flaw allows malware writers to quietly download Android app installation (.apk) files to devices without requiring approval.
Users need …
Comment
The distributed denial of service attack that took down DNS provider Dyn, and with it access to a chunk of the internet, was one of the largest such assaults seen.
The attack exploited Internet of Things devices - notably webcams built by XiongMai Technologies. The gadgets had default login passwords that allowed them to be …
Promo
Ransomware is a type of malware that sees criminals make your critical business data inaccessible by encrypting it and throwing away the decryption key … until you pay them a ransom.
Ransomware is pervasive, evolving fast and hard to combat, not least because the criminals who spread it often take your money without decrypting …
That took a while: Android's had Hover since Ice Cream, but boffins have taken until now to work out how to attack it.
Hover is a set of interface calls that let application designers imitate mouse-over behaviours people know from PCs, and it only needs to be implemented on a phone or tablet to be vulnerable - whether or not a …
Updated
A browser extension which was found to be harvesting users' browsing histories and selling them to third parties has had its availability pulled from a number of web browsers' add-on repositories.
Last week, an investigative report by journalists at the Hamburg-based German television broadcaster, Norddeutscher Rundfunk (NDR …
Security researchers have released a Mirai IoT botnet scanning tool.
The utility - aimed at consumers and small businesses - allows users to find out if devices on their network are either infected by or vulnerable to the Mirai malware.
When users click on "Scan My Network Now", the scanner will discover their public IP …
Tech support fraudsters have taught an old denial of service bug new tricks to add a convincing layer of authenticity to scams.
The HTML5 bug allows sites to chew up a mountain of processor capacity, causing browsers to hang.
Scammers deploy the few lines of code needed to trigger the bug, hang browsers and then display a …
Criminals behind the massive Cerber ransomware enterprise are now targeting businesses as well as individuals with a module that kills and encrypts databases, warns Intel's former security arm McAfee.
Cerber had conducted more than 160 campaigns when examined in July targeting 150,0000 users and raking in a cracking US$195,000 …
Two in three web pages served over the world's favourite web browser Chrome are now secured with HTTPS, Google says.
The good news applies to Chrome on the desktop and signifies progress in the long-hoped-for decline of insecure cleartext browsing.
Chrome security bods Adrienne Porter Felt and Emily Schechter say all …
The UK’s National Crime Agency has arrested 14 people suspected of using the Dridex and Dyre malware to launder £11m in stolen cash.
The 13 men and one woman, some of whom were not British nationals, were aged between 23 and 52.
A dozen were arrested in London, and the other two in Daventry and West Bromwich.
Cash, mobile …
World-leading Papworth Hospital has escaped a full-on zero-day crypto ransomware attack thanks to the "very, very lucky" timing of its daily backup.
It's believed that an on-duty nurse at the heart and lung hospital in Cambridgeshire, UK, unwittingly clicked on something in an infected email, activating the attack at about …
Sophos has bought Barricade, an Irish security analytics start-up.
Barricade has built a behaviour-based analytics engine based on machine learning techniques that has applications in malware detection. The technology will be used to enhance the security capabilities of Sophos' network and endpoint protection portfolio. …
Millions of do-it-yourself websites built with the Wix web maker were at risk of hijack thanks to a brief zero day DOM-based cross-site scripting vulnerability.
Wix boasts some 87 million users, among them two million paying subscribers.
Contrast Security researcher Matt Austin (@mattaustin) dug up the flaw he rates as severe …
The US National Cybersecurity Center of Excellence (NCCoE) has published a guide on how to improve email security - and it wants your feedback on it.
The center is part of NIST - America's National Institute of Standards and Technology - which is itself part of the US Department of Commerce. The NCCoE has put out its "draft …
Brits are getting better at patching Windows on their personal computers but worse at updating their applications, according to a new study.
Stats from vulnerability management outfit Secunia Research reveal that 6.4 per cent of UK users had unpatched Windows operating systems in Q3 of 2016, up from 5.4 per cent in Q2 but down …
An engineer has shown how you can sneak a tiny cellphone base station into an innocuous office printer.
The idea is the brainchild of New Zealand's Julian Oliver, who was inspired by the Stingray cellphone snooping technology now in widespread use by the cops and FBI. He was looking to see how such tech could be hidden and …
Google is set to jettison certificate authorities WoSign and StartCom next year in a move that shores up wider efforts to neuter the two companies.
Mountain View's move follows public announcements by Mozilla and Apple that they would not trust the authorities' certificates after the pair incorrectly issued base …
Microsoft has not responded well to Google's bug grenade, accusing the ad giant of screwing over netizens and getting its facts wrong.
"We believe in coordinated vulnerability disclosure, and today's disclosure by Google puts customers at potential risk," Microsoft said in a statement. It then disputed Google's claims about …
Security researchers at Cylance have uncovered a malware-spreading campaign that uses Google AdWords to pump out rogue code to macOS users.
The malefactors bought the AdWords top ranking for the search term "Google Chrome," which appeared to lead the user to www.google.com/chrome. In fact it redirected them to googlechromelive …
UK Chancellor Philip Hammond is due to reaffirm a pledge to spend £1.9bn up until the end of 2020 to bolster the UK’s cyber security strategy in a speech early this afternoon.
The updated strategy [84-page PDF] - which doesn’t include any new spending pledges - is expected to include an increase in focus on investment in …
The miscreants behind the Nymaim malware dropper have updated their code to include better obfuscation and blacklisting against security software.
Analytics outfit Verint, which discovered the latest version and offers its analysis here, says the new code base targets phishing rather than the drive-by-download approach …
Google has slung a grenade at Microsoft by disclosing a Windows vulnerability before Redmond has a patch ready. The bug can be exploited by malware on a machine to gain administrator-level access.
According to this blog post by Neel Mehta and Billy Leonard of the Chocolate Factory's Threat Analysis Group, the reason for going …
In one month, an obscure procedural rule tweak will come into effect allowing US cops and federal agents to potentially hack any computer in the world using a single warrant issued anywhere in America.
No one in Congress has voted on this legal update. It means a warrant granted somewhere within the US can be executed on the …
Miscreants have put together a new strain of malware designed to turn insecure IoT devices into a DDoS attack platform.
The new nasty, Linux/IRCTelnet, discovered by security researchers at MalwareMustDie.org, relies, like the infamous Mirai botnet before it, on default hard-coded credentials to spread across vulnerable devices. …
The Shadow Brokers crew has dumped online a list of servers apparently compromised by NSA hackers.
The list contains historic targets of the NSA-linked Equation Group. The date stamps suggest the systems were compromised around 2001 and 2003, and they appear to be used as bases from which US snoops could carry out surveillance …
A GitHub user going by Leo Linsky has forked a repo created by researcher Jerry Gamblin to create an anti-worm "nematode" that could help to patch vulnerable devices used in the massive Mirai distributed denial of service attack.
The nematode, a concept detailed by security man Dave Aitel [PDF], would fight back against the …
Criminals are about to lose a reliable attack vector for malware infection and phishing, thanks to Google's Certificate Transparency initiative that will force websites to enforce proper certificate security within a year.
Stolen and mis-issued SSL certificates allow attackers to spin up malicious sites that pass browser …
A group of American boffins is loosing artificial intelligence on web scams, demonstrating that analysis of domains at the time of registration can provide an early warning of those that will later be home to spammers and scammers.
The idea is to tag the kinds of behaviour at registration time that hints someone is preparing …
Malware threats in search results are getting worse despite the best efforts of Google and other vendors.
The number of infected results has been increasing year by year since 2013 despite the application of multiple tools and technologies designed to exclude dodgy links, according to a study by independent anti-virus testing …
Datto’s SIRIS 3 data protection platform includes what it claims is the industry’s first ransomware detection capability.
Ransomware is the noxious malware that captures your files and walls them off from access by encrypting them. The perpetrator demands payment - possibly by anonymous Bitcoin - to release the encryption key …
Cybercrooks are posing as customer support staff from UK banks in a ruse designed to hoodwink gullible customers out of their credentials.
The social media phishing scam relies on the creation of bogus Twitter profiles, such as @BarclaysHelpUK (real example, now suspended). Customers are already expecting a response from a …
Adobe is advising folks to update Flash Player - as malware is right now exploiting a newly discovered hole in the internet's screen door to hijack Windows PCs.
The emergency patch addresses a single vulnerability, CVE-2016-7855. The use-after-free() programming blunder allows an attacker to achieve remote code execution when …
A hacking group is running a wide ranging cyber-espionage campaign against targets in the Middle East.
Security firm Vectra Networks says it has identified over 200 samples of malware generated by the group over the last two years. The assaults are not technically sophisticated but nonetheless tricksy in their use of social …
In order to remain tenable as the security market adjusts to software containers, Tenable Network Security, based in Columbia, Maryland, has acquired FlawCheck, a San Francisco-based company founded last year to make Docker containers more secure.
Renaud Deraison, CTO and cofounder of Tenable, contends that information …
Malware has been spotted using the freemium model more than 30 years after it was introduced.
PhishMe malware researcher Paul Burbage (@hexlax) spotted the revitalised model in a keylogger sold as a freemium public download and as a US$55 full version purchase.
The Viotto Keylogger is the offensive security tool designed by a …
The Nexus 6P appears to have been hacked with attackers at the Mobile Pwn2Own contest installing malware without user interaction in less than five minutes.
The hack by China's Keen Team happened minutes ago at the Tokyo event and does not require users to do anything. It is as of the time of writing yet to be confirmed but …
ARM TechCon
Processor designer ARM will squirt security fixes directly into internet-connected gadgets to hopefully keep them defended from hackers.
Manufacturers of Internet-of-Things gizmos and other embedded products have complained that updating gear in the field is too much hard work. That means devices are rarely patched when …
Microsoft is warning of fake copies of its Security Essentials that if executed will throw a fake blue screen of death, pwn machines, and lead users to technical support scams.
Redmond regards the threat dubbed Hicurdismos as a severe threat which compromises PCs typically through bundled software installers and drive-by- …
Security researchers have demonstrated how to gain root privileges from a normal Android app without relying on any software bug.
The unprivileged application is able to gain full administrative permissions by exploiting the Rowhammer vulnerability present in modern RAM chips. Essentially, malicious code can change the content …
Chinese electronics firm Hangzhou Xiongmai is set to recall swathes of webcams after they were compromised by the Mirai botnet.
Mirai exploits the low security standards of internet-connected devices, from routers to webcams, and after enslaving them with malware uses their network connections to launch DDoS attacks, such as …