Malware/Cybercrime

Malware/Cybercrime news, trend analysis and opinion

Darkode cybercrime forum might be making a comeback

The forum's last administrator has plans to restore the site, with better protections against law enforcement investigations

Most Android phones can be hacked with a simple MMS message or multimedia file

Vulnerabilities in the Android multimedia framework allow attackers to remotely compromise devices with ease, a researcher said


Chinese police shut down supplier of over 40,000 fake iPhones

The supplier was allegedly shipping the fake iPhones to foreign countries

US Census Bureau says breach didn't expose household data

The breached database was segregated from systems that hold census data

Cybersecurity Canon and The Florentine Deception

Industry organization dedicated to reviewing and selecting books for cybersecurity education. Case in point, new novel from author Carey Nachenberg

Researchers disclose four unpatched vulnerabilities in Internet Explorer

The reports contain limited information, making exploit development hard and unlikely

Nigerian scammers buy exploit kits to defraud Asian businesses

Deeper reconnaissance of infiltrated accounts can lead to big thefts

Measuring the Quality of Commercial Threat Intelligence

One person’s quality is another person’s fluff so objective measurements will be difficult. Threat intelligence quality may ultimately be gauged through crowdsourcing and threat intelligence sharing.

Online ad industry tries to stamp out click fraud

A new blacklist will try to spot bad ad traffic coming from data centers

Five arrested in JPMorgan hacking case

Bloomberg sources claim a recent set of arrests are related to the 2014 JPMorgan computer compromise affecting 83 million people

Former Hacking Team supplier stops selling zero-day exploits on ethical grounds

U.S.-based Netragard has terminated its zero-day exploit selling program in response to revelations about Hacking Team's customers

Are There Differences Between Threat Intelligence Feeds?

Enterprise cybersecurity professionals find it difficult to judge the quality and efficacy of disparate open source and commercial threat intelligence. In the short term, this means more buying and selling.

New point-of-sale malware distributed by Andromeda botnet

Attackers use spam to infect systems with the Andromeda backdoor and then deploy GamaPoS on select point-of-sale machines

Darkode computer hacking forum shuts after investigation spanning 20 countries

The Web forum was 'one of the gravest threats' to computer security, a U.S. official says

Oracle fixes zero-day Java flaw and over 190 other vulnerabilities

Users should update Java as soon as possible because attackers are already taking advantage of at least one vulnerability

Vietnamese man gets 13 years for massive ID theft scheme

Ngo was connected to a 200-million record data breach at a credit monitoring firm

Cybersecurity Lessons from W. Edwards Deming

Process problems are the biggest bottleneck to strong cybersecurity so CISOs must address these issues before layering on additional technology

Hacking Team's malware uses UEFI rootkit to survive OS reinstalls

The feature allows the company's software to persist even if the hard disk drive if replaced

Cyberespionage group Pawn Storm uses exploit for unpatched Java flaw

The exploit was used in attacks against the armed forces of a NATO country and a U.S. defense organization

Hacking Team's arsenal included at least three unpatched exploits for Flash Player

The vulnerabilities leveraged by two of the exploits have yet to be patched

Load More