Despite an increasing number of successful cyberattacks launched by East Asian hackers against companies and government institutions around the world in recent years, Eastern European cybercriminals remain a more sophisticated threat to the global Internet, security researchers say.
Researchers from security vendor AlienVault have identified a variant of a recently discovered Internet Explorer exploit that is used to infect targeted computers with the PlugX remote access Trojan (RAT) program.
Attackers could impersonate legitimate mobile users on the Web portals many mobile operators use to sell content and services to their customers because of a security flaw in the sites, according to Bogdan Alecu, an independent security researcher from Romania.
Over half of Android devices are vulnerable to known security flaws that can be exploited by malicious applications to gain complete access to the operating system and the data stored on it, according to a report from mobile security firm Duo Security.
The 'CRIME' attack announced last week exploits the data compression scheme used by the TLS (Transport Layer Security) and SPDY protocols to decrypt user authentication cookies from HTTPS (HTTP Secure) traffic, one of the attack's creators confirmed Thursday.
Security researchers from German antivirus vendor G Data Software have identified a botnet that is controlled by attackers from an Internet Relay Chat (IRC) server running as a hidden service inside the Tor anonymity network.
Many automated teller machines (ATMs) and point-of-sale (POS) terminals fail to properly generate random numbers that are required by the EMV protocol to securely authenticate transaction requests, according to a team of researchers from the University of Cambridge in the U.K.
The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate applications vulnerable to SQL injection attacks in order to trick attackers into revealing their intentions.
A new tool allows Mac OS X attackers with root OS access to easily steal the keychain password data of logged in users and reinforces the dangers of granting administrative privileges to applications without serious consideration.
Copyright 2013 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.