Fahmida Y. Rashid

Within hours of the devastating earthquake and tsunami in Japan, cyber-criminals had poisoned search results based on the disaster with malicious links. Users searching on “most recent earthquake in Japan” may encounter some malicious links to fake anti-virus software, Trend Micro researchers said March 11. Malware writers used black-hat search engine manipulation techniques to push […]

The vulnerability in Internet Explorer 8 that researcher Stephen Fewer exploited at the Pwn2Own hacking contest this week has already been fixed in Internet Explorer, according to Microsoft. During the CanSecWest Pwn2Own challenge, Fewer chained three different vulnerabilities to hack into IE8 on a fully patched Windows 7 machine. The attack also included a way […]

Revelations from HBGary e-mail keep on rolling in. The latest e-mail identifies several more high-profile companies hit by attacks similar to Operation Aurora. E-mail stolen from HBGary’s mail servers by hacktivist group Anonymous earlier this year revealed that the same Chinese hackers who had attacked Google as Operation Aurora had also targeted chemical company DuPont […]

There have been hints over the past few months that malware authors collaborate on code just like legitimate application developers. First, there was the merged code between Zeus and SpyEye. Then researchers found three major botnets that seemed to be taking on each other’s characteristics to spread Trojans and spam. What’s unexpected, are signs the […]

Research In Motion’s BlackBerry was brought low by WebKit-the same open-source technology behind Safari’s defeat-and the Apple iPhone was compromised by a flaw in MobileSafari on the second day of the hacking contest. A trio of researchers under the name Team Anon successfully exploited multiple WebKit vulnerabilities in a drive-by-download attack to compromise the BlackBerry […]

A white hat Website that identifies malicious domains is under attack by criminals using Zeus and SpyEye toolkits. Cyber-criminals using the SpyEye and Zeus rootkits are conducting a DDoS (distributed denial-of-service) attack against a Swiss “white hat” Website, abuse.ch, according to researchers at RSA’s FraudAction Research Lab. The Swiss site has been identifying rogue Internet […]

Size doesn’t mean everything when trying to determine how dangerous a botnet is, and new metrics are needed to provide more accurate estimates, according to a European security agency. Security researchers often estimate the size and scope of a botnet to describe the army of zombie machines ready to launch malicious attacks at the will […]

Social Security numbers and confidential data about child abuse cases were among the data found on computers the state of New Jersey planned to sell, auditors found. The state comptroller’s office examined a sample of computers stored in a warehouse and found 79 percent still contained information, according to an audit report released March 9. […]

With more workers bringing their favorite smartphones to the office, CIOs are concerned about mobile data security and how employee devices are managed, according to a recent research study. CIOs from large organizations in the United States and the United Kingdom were surveyed about their mobile security concerns in a mobile security report from Mformation […]

The International Women’s Day Web site was bombarded with a distributed denial-of-service attack for most of March 8. Let’s break that statement down a bit. March 8 was International Women’s Day, and 2011 marked its 100th anniversary. IWD had predicted the biggest celebration ever, with over 2,000 events happening throughout the world organized by women’s […]