Robert Lemos

While North American mobile users remain insulated from malicious software by the security measures surrounding the major platforms, mobile malware has made headway in other parts of the world, according to security firm McAfee. McAfee discovered almost 700,000 new variants of malware aimed at Android-based mobile devices, according to the company’s third-quarter threat report released […]

For two months, a pernicious piece of malware has spread to consumer and business computers, encrypting files and demanding payment for the key to unlock the information. The malware, known as CryptoLocker, or Crilock, gains a foothold in networks when unwary Windows users open an attachment in an email that appears to be a customer […]

Technical analysis of 11 malware campaigns has discovered signs that they share the same digital infrastructure—including the use of certificates, executable resources and development tools—suggesting that attackers are sharing code or may even be part of the same organization, according to an analysis published by threat-protection firm FireEye. The report, published in mid-November, describes how […]

Antivirus software does quite well against opportunistic attacks sent out to a massive number of people in hopes of getting some small fraction to click on a link or open a file. But attacks targeting just a few people, or even a single person, are much harder to detect. Security firm Symantec aims to tackle […]

Kelihos keeps coming back, Citadel is hard to kill, and Zeus seems immortal. Security firms, led by software giant Microsoft, have tried to shut down each of these botnets, but despite some initial signs of success, each has come back to life. Botnets, networks of compromised computers under the control of a cyber-criminal gang, are […]

Edward Snowden has not publicly stated how he leveraged his privileged access to certain servers and top-secret information at the National Security Agency into a wider fishing expedition, netting classified secrets that he had no clearance to access. The NSA hasn’t provided much insight either. This week, however, security researchers at certificate-management firm Venafi threw […]

In an effort modeled after the 1950s push to educate Americans in hard sciences and mathematics, U.S. private and public organizations have launched a number of initiatives to build cyber-security expertise this year, including partnerships with universities to develop cyber-security training programs and coursework to build a steady supply of technical graduates. This week, IBM […]

The embedded systems used by administrators to monitor servers, known as baseboard management controllers (BMCs), are poorly coded and have numerous vulnerabilities that could be used to disrupt and potentially take control of a system, according to a growing number of research reports. Earlier this month, researchers from vulnerability management firm Rapid7 found seven security […]

Edward Snowden, a former contractor with the National Security Agency, convinced up to two dozen NSA employees to part with their passwords, saying he needed the credentials to do his job, according to a Nov. 8 report by Reuters citing unnamed federal investigators. If the allegations are true, it would be a serious violation of […]

Phishing attacks are nothing new, but they are increasingly used by attackers as a way to exploit a vulnerability common to all businesses: their employees. In a study released Nov. 4, security-training firm ThreatSim found that an average of 18 percent of messages in a phishing campaign successfully induced recipients to click on a malicious […]