Tag: malware

Malware’s Future Looks A Lot Like Its Present

SAN FRANCISCO – What does the future of malicious software look like? Depressingly like the present, according to a panel of leading experts. Phishing attacks, spam and even self-propagating worms will continue to plague technology users in the years ahead, just as they have for much of the last two decades, according to experts at the RSA Security Conference in San Francisco on Wednesday. However, the malware will operate across a far more crowded landscape of mobile devices, virtual machines, cloud-based computing resources and Internet connected “stuff” – complicating the job of securing sensitive information. The panel, “50 Minutes into the Future: Tomorrow’s Malware Threats” asked the experts to look into the crystal ball and predict what malicious software would look like in the near- and distant future. The answer was: much like it looks today. Dave Marcus, the director of security research and communications at McAfee Labs, said that the […]

Continue Reading

Bit9: 32 Pieces of Malware Whitelisted In Targeted Hack

The security firm Bit9 released a more detailed analysis of the hack of its corporate network was part of a larger operation that was  aimed a firms in a “very narrow market space” and intended to gather information from the firms.   The analysis, posted on Monday on Bit9’s blog is the most detailed to date of a hack that was first reported on February 8 by the blog Krebsonsecurity.com, but that began in July, 2012.  In the analysis, by Bit9 Chief Technology Officer Harry Sverdlove said  32 separate malware files and malicious scripts were whitelisted in the hack. Bit9 declined to name the three customers affected by the breach, or the industry segment that was targeted, but denied that it was a government agency or a provider of critical infrastructure such as energy, utilities or banking. The broad outlines of the story about the hack of Bit9, which sells […]

Continue Reading

Browser Security Still A Sore Spot For Companies (Podcast)

Clueless “end users” are a common straw man (or woman) in the security industry. They’re blamed for everything from data breaches to malware infections. Accepted wisdom is that companies “get it” when it comes to security – consumers (their employees) don’t. But what if it is the other way around? That’s one tantalizing bit of data you could take away from Qualys’s Browser Check service. The free online vulnerability scanning service has assessed millions of endpoints in its two years of existence. And, by and large, it has found that consumers – not corporate users – are following good security practice by migrating to more modern, and secure web browsers. In  our inaugural Security Ledger Podcast, we sat down with Wolfgang Kandek, the Chief Technology Officer at Qualys Inc. to find out. Qualys operates Browser Check (browsercheck.qualys.com), a free service that allows consumers to assess the security of their browser […]

Continue Reading

FTC Forum Will Tackle Mobile Device Threats

The U.S. Federal Trade Commission is continuing to focus its energies on protecting the growing number of consumers using smart phones and other mobile devices. Next up: a public forum to discuss threats to mobile devices. The FTC announced the one-day public forum on Friday and said it hopes to use the event to address problems like “malware, viruses and similar threats facing users of smartphones and other mobile technologies.” The event will take place on June 4th at the FTC’s offices on New Jersey Avenue NW in Washington, D.C. The public forum is just the latest effort by the nation’s leading watchdog to reign in a free-wheeling mobile application marketplace, and put stronger consumer and privacy protections in place. Earlier this month, the agency released a Staff Report that called on mobile OS, mobile device and mobile application firms to provide clearer guidelines to consumers about how their information […]

Continue Reading

Obama Lays Down The Law On Cyber Espionage

The Obama Administration on Wednesday released a report detailing new Administration measures to protect U.S. trade secrets and intellectual property. The report: “Administration Strategy on Mitigating the Theft of U.S. Trade Secrets” (PDF) establishes a new foundation for cooperation between the U.S. government and the private sector. It comes just days after a bombshell, 60-page report by the security firm Mandiant that described the activities of “APT1” – a hacking group that Mandiant claims is actually a cyber warfare unit of China’s People’s Liberation Army (PLA). In a post on the Whitehouse blog, the Administration said the Strategy is a continuation of Obama Administration policy to protect U.S. companies from the theft of trade secrets. Under the new Strategy, the Administration will take a “whole government” approach, using diplomatic pressure via the State Department, coordinated, international legal pressure through the Department of Justice and FBI. The U.S. will tap the […]

Continue Reading
1 50 51 52 53 54 57