Why would malicious code want to run entirely on the GPU? And should we be concerned?
There has long been a debate over whether open source software is generally more secure or less secure than commercial software. Proponents of open source say it’s more secure because more people are looking at the code, increasing the chances that problems will be seen, documented, and corrected. Proponents of commercial software claim that vendors are more accountable than a team of volunteers,
Hackers who compromised a German steel works inflicted serious damage on one of its blast furnaces, according to a newly released report from the German Federal Office of Information Security.
Once again, according to the German report [PDF], the initial infection took place because a member of staff was tricked by a spearphishing email that used social engineering techniques to lull them into a false sense of security.
There’s been a lot of news lately about the adverse health impact of vaping, including a recent study which suggests that e-cigarettes contain up to 10 times the level of carcinogens of regular tobacco.
But perhaps less well publicized is the recent news that e-cigarettes might give you malware.
We were talking with the CIO of a major healthcare company the other day who told us that his day had gone sideways because of the re-emergence of the ChangeUp worm / Trojan. This was news to me. I mean, yes, I’m a little behind in my reading, but I’d not heard much about ChangeUp since it flared up again at the end of 2012.
On National Data Privacy Day yesterday, Lumension served up cake for the Scottsdale, AZ employees, courtesy of our own Cake Boss, Gary Ludolph. The master piece was obviously delicious but this one also had a story behind it. How many Optimal Security readers know the story behind the Trojan Horse?
It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly waits for the user to start a banking transaction only to steal their login credentials.
Wasn’t it Jerry Rubin, founding member of the Yippie movement and famous member of the Chicago 7, who once told us “don’t trust anybody over 30”? [ed: well, no; actually, it was Jack Weinberg.] Of course, this famous counter-culture saying from the 60’s was later changed to “don’t trust anyone under 30” (subject of this controversial book).
A current version of a Mac Trojan horse known as OSX.RSPlug.A originally seen making the rounds back in October 2007 is still active and in the wild today.
The malware alters the DNS server address of an infected Mac, leading the user to a DNS server that redirects the user to fake banking,
With Conficker still fresh on our minds, a new potential menace has emerged. The remote access capability of a Trojan that spreads like a Virus – W32.Virut.CF (Symantec) or W32/Scribble-A (Sophos) is poised to wreak havoc on networks over the coming days. Embedding itself deep within infected machines, the Trojan will make it difficult to clean up.
As you’ve no doubt heard by now, security researchers over the weekend uncovered a computer espionage network – dubbed Ghostnet – based in China that so far has affected nearly 1,300 computers in 100 countries spanning the globe. What’s particularly interesting or noteworthy about this apparent cyber-espionage incident is the low-level technology used to infiltrate the attack – this lack of innovation actually points the finger at amateur work versus full-on cyber-espionage activity which would likely involve much more sophisticated technology than what was used here.
An Adobe vulnerability CVE-2009-0658 is actively being used in the wild as “Trojan.Pidief.E.” in targeted attacks and Adobe does currently not plan to release a patch until March 11th at best.
The Adobe vulnerability is a variation of a buffer overflow commonly referred to as a “Heap Spray” in JBIG2 compression routines in PDF files and impacts Adobe Reader 9 and several earlier versions reportedly across all platforms including Windows,