Apple iPhone worm turns phones into bots
November 23, 2009
A malicious Apple iPhone worm — designed to turn jail-broken iPhones into bots — proves, yet again, that cybercriminal are as predictable as Seattle rain.
This iPhone worm appeared over the weekend, arriving less than two weeks after a 21-year-old Australian researcher, Ashley Towns, released the Ikee worm — the prototype for this new type of attack.
You may recall Towns cleverly changed the wall paper of iPhones he …More
Twilight ‘New Moon’ fans targeted for scareware and viruses
November 19, 2009
Twilight fans beware. A viral marketing campaign designed to exploit your anticipation over the New Moon movie coming out tomorrow may look like normal free media you’ve come to expect on the Internet.
A scareware purveyor has been spreading bad URLs, with the help of corrupted Google search results, having to do with the movie and its stars, according to PC Tools.
Fans are being directed to chats and blogposts that …More
Apple Macs targeted by phishers just as intensely as Windows PCs
November 18, 2009
Sometimes stating the obvious is necessary.
Apple Macs are no safer than Windows PCs when it comes to phishing attacks. This USA Today newsblog post outlining how Mac users are getting victimized by phishers just as readily as PC users has irritated many Mac loyalists.
The posting made reference to a recent phone survey of 1,003 consumers – commissioned by antivirus vendor Eset – that shows 57% of …More
Veracode lands Harvard business school dean & Microsoft director Dr. Jim Cash
November 18, 2009
Application security vendor Veracode recently landed a big fish to sit on its board of directors, Dr. Jim Cash, Professor and Senior Associate Dean of the Harvard Business School. Cash sits the boards of General Electric, Microsoft, Wal-Mart, Chubb, Phase Forward, the Boston Celtics and the National Association of Basketball Coaches Foundation. He is a Limited Partner in the LLC that owns the Celtics.
Matt Moynahan, CEO of Veracode, spent five months …More
Why cybercrime is here to stay
November 13, 2009
See related post: Anatomy of a $9.4 million cyber heist
Law enforcement has made great strides overcoming geo-political obstacles in bringing prosecutions in the TJX, Heartland and RBS WorldPay cases. Yet the Internet remains saturated with criminal activity. Cybercriminals continually harvest and cull stolen data and carry out elaborate cash-out schemes using the Web to collaborate. The ring leaders who formed a partnership to snatch $9.4 million in a quick-strike, global ATM heist using data stolen from RBS WorldPay …More
RBS WorldPay: How a gang stole $9.4 million from 280 ATMs in 12 hours
November 13, 2009
The top line from the RBS WorldPay caper reads like a trailer for George Clooney’s next Ocean’s 11 summer blockbuster:
An elite Euro-Russian cybergang uses the Internet to remotely crack deep inside the network of a giant U.S. debit- and credit-card processor. The gang swipes and decrypts valuable debit-card account data; and then sets into motion a globe-spanning, multi-million dollar score.
Moving fast to avoid detection, an army of accomplices carrying blank …More
Secure Sockets Layer (SSL) vulnerable to man-in-the-middle hacks
November 12, 2009
Marsh Ray and Steve Dispensa, researchers at authentication services vendor PhoneFactor, recently discovered a gaping security hole in Secure Socket Layer, or SSL. This technology, along with the newer Transport Layer Security, or TLS, gets used widely to secure online retail transactions. A similar SSL vulnerability was discovered by researcher H.D. Moore, of Metasploit fame, in May 2008.
Both discoveries were of the good-guy variety — no one …More