Fahmida Y. Rashid

The Federal Bureau of Investigation has warned of an elaborate spear-phishing campaign that wires money out of victims’ accounts under the cover of a distributed denial-of-service attack against the bank. The new spear-phishing campaign masquerades as emails from the National Automated Clearing House Assocation (NACHA) and downloads a variant of the Zeus banking Trojan onto […]

Shortly after Symantec publicized the Duqu Trojan in October, the unknown perpetrators behind the data-gathering malware removed traces of their activity from all their command and control servers to cover their tracks, Kaspersky Lab researchers have discovered. Despite the “massive cleanup,” Kaspersky researchers were still able to gather information on Duqu’s C&C infrastructure, Vitaly Kamluk, […]

In a letter to Congress, Amazon assured lawmakers that its Silk Web browser used by the Kindle Fire tablet doesn’t violate user privacy. The Silk browser will only aggregate browsing activity across all users and browsing activity would not be linked to individual Kindle fire users, Paul Misener, vice president for global public policy at […]

Led by a former Cisco executive, Agari launched its cloud services to help “brand owners” identify messages spoofing their domain names and help organizations block those spam and phishing messages. With its Email Trust Fabric, the startup plans to give organizations a way to authenticate their email correspondence and apply policy controls over messages being […]

Enterprises are using encryption in more places than ever, but they are not properly securing the keys or using consistent products, a recent report found. Despite using encryption, poor key management and lack of control over the technologies being used can cost the organization an average of $124,965 a year, according to the 2011 Enterprise […]

Developers of fake antivirus software are getting better at copying the look and feel of legitimate antivirus products to make it harder for victims to tell whether they are being scammed or not, according to Kaspersky Lab. A fake antivirus Website was found specially designed to mimic the interface for antivirus products from Kaspersky Lab, […]

Columbia University researchers demonstrated a bug in common office printers that could be used to forward documents to a remote computer or to remotely send commands that heat up and physically damage the printers, according to a Nov. 29 MSNBC.com report. Professor Salvatore Stolfo and researcher Ang Cui of Columbia University’s School of Engineering and […]

Cyber-attackers continue to target vulnerabilities in Java, even the ones that Oracle has already patched, because end-user systems aren’t being properly updated, Microsoft warned. “Between one-third and one-half” of all attacks detected and blocked by Microsoft’s security software from the beginning of July 2010 to the end of June 2011 were Java-based, Tim Rains, a […]

Facebook and the Federal Trade Commission have reached a settlement over charges the social networking giant engaged in deceptive behavior when it changed its users’ privacy settings without permission. The FTC settlement bars the social networking site from making any “further deceptive privacy claims” and requires Facebook to get explicit approval from users before changing […]

Asterisk Asterisk is an open-source voice-over-IP (VOIP) platform. With Asterisk, administrators can turn any computer into a communications server such as IP PBX systems, VOIP gateways and conference servers. Sponsored by Digium, the software appliance is available as AsteriskNOW and there are a number of vendors that sell Asterisk-based appliances. Untangle Gateway Platform The Untangle […]