Brian Prince

Exploit kits are adopting a tactic more commonly found in botnet malware to make their attack campaigns more resilient€“€œpseudo-random domain generation.€ Among the kits being associated with this activity is Blackhole, which has emerged as one of the most prevalent exploit kits in the wild. In a recent report, anti-malware technology company M86 Security said […]

An international team of researchers claim to have uncovered a way to enhance €œpadding oracle attacks€ against cryptographic hardware such as RSA SecurID 800 authentication tokens to enable hackers to access encryption keys. However, an executive with EMC’s RSA security division dismissed the attack strategy as impractical. Padding oracle attacks attempt to trick the oracle€“such […]

Cyber-criminals are now pricing webinjects based on the specific features being requested, underscoring an ongoing movement towards flexibility in the black market, according to security researchers at Trusteer. Webinjects are malware components that launch fake Web pages or form fields when users visit certain sites, typically as part of efforts to target online bankers. Previously […]

On June 18, Microsoft pulled the covers off its Surface tablet and stimulated discussions about whether gaining consumer approval will be the gateway for the surface to infiltrate the enterprise. One way or the other however, if the bring-your-own device trend continues, enterprises are likely going to be faced with a decision to support or […]

Two reputed members of the hacking group Lulz Security (LulzSec) pleaded guilty in the United Kingdom today to charges related to Website attacks in the U.K. and in other countries, according to reports. Ryan Cleary, 20, and Jake Davis, 19, admitted to conspiring with other members of LulzSec to hack a number of Websites in […]

Security researchers at ESET have uncovered a malware campaign targeting AutoCAD drawings in an apparent attempt at industrial espionage. AutoCAD is a widely used computer-aided design application that has been in use worldwide since the mid-1980s. It allows drafting in both two-dimensional and three-dimensional formats. The campaign appears to be primarily targeting Peru and it […]

The story of the Flame continues to take more twists and turns, as a report has surfaced tying the malware to a joint cyber-effort between the United States and Israel. According to The Washington Post, Flame was developed five years ago as part of an initiative code-named Olympic Games that was designed to disrupt Iran’s […]

Roughly 9,500 new malicious sites are caught and flagged by Google every day, according to statistics released by the company on June 19. The statistics come from the company’s Safe Browsing initiative, which it started five years ago to combat malicious content on the Web. At the time, the primary goal was to safeguard Google’s […]

Kaspersky Lab has uncovered a set of malicious Android applications posing as security software. The malware is linked to the infamous Zeus Trojan, a common tool used in the theft of banking credentials. The phony security applications were first observed earlier this month, and newer versions have continued to appear, according to Kaspersky. “On the […]

Accused LulzSec hacker Ryan Cleary may not face extradition in connection with his recent indictment in the United States. Cleary, who is a British citizen, is facing charges in the U.K. related to distributed denial-of-service (DDoS) attacks against the country’s Serious Organized Crime Agency Websites as well as other sites. On June 12, a grand […]