Robert Lemos

Claiming to own a fundamental patent on using out-of-band communications for user authentication—for example, using a smartphone to securely confirm a user’s intent to log into a Website—little-known Edison, N.J.-based StrikeForce Technologies is looking to shake up the security industry. On March 28, the firm filed a lawsuit against Microsoft and its recently acquired PhoneFactor […]

The attacks that disrupted operations at several South Korean banks, broadcast companies and energy firms have technical similarities that may link the digital campaign to a series of DDoS (distributed denial-of-service) attacks in 2011, security firm Symantec stated in a blog post on March 29. On March 4, 2011, more than three dozen South Korean […]

A distributed denial-of-service (DDoS) attack on Internet blacklist maintainer Spamhaus has topped 300G bps, powered by “open recursive resolvers,” which allow attackers to turn modest attacks into overwhelming floods of traffic. A DDoS attack using a technique known as DNS reflection has resulted in what many security experts are calling the largest DDoS attack to […]

Common antivirus software packages fail to detect nearly 40 percent of malware seen by the average corporate network, according to data from network security firm Palo Alto Networks. In a report based on data from more than 1,000 actual company networks, Palo Alto found that antivirus products have great success rates against malware that spreads […]

A security researcher disclosed vulnerabilities in Samsung smartphones this week with the intention of highlighting the slow rate at which flaws are fixed in mobile devices. In a March 19 blog post, security researcher Roberto Paleari described four vulnerabilities found in various Samsung devices based on the Android operating system. The researcher informed Samsung of […]

A destructive piece of malware, similar in function to the program used to delete data on tens of thousands of computers at a Middle Eastern oil conglomerate, caused widespread outages March 19 at major businesses in South Korea, IT security firms confirmed on March 20. The malware, dubbed “Jokra” by security firm Symantec, wipes all […]

In the first known example of an attempt to hack a U.S. election, an online attacker took advantage of the lax security surrounding the online process of requesting absentee ballots in the 2012 primary in Miami-Dade County, Florida, to order more than 2,500 ballots. The scheme could have actually worked if it was done with […]

The developer behind the Ramnit botnet—a program focused on banking fraud as well as stealing cookies and credentials from its victims—has stripped out the program’s infection capabilities and is now focusing on better avoiding anti-malware defenses and improving its botnet management capabilities, Microsoft stated in a March 14 blog post. Since 2010, the author of […]

The number of security vulnerabilities discovered in software products rose 5 percent in 2013, but the most common applications on desktop systems had fewer flaws reported this year, according to a report released by vulnerability management firm Secunia. The report underscores the shift in vulnerability researchers’ and attackers’ strategies from focusing on finding flaws in […]

In comments at separate congressional hearings, the leaders of the U.S. intelligence efforts and of the nation’s quickly growing Cyber Command warned that cyber-operations by nation-states and rogue adversaries have become a major concern for the country, eclipsing the threat of terrorism and weapons of mass destruction. In his delivery of the worldwide threat assessment […]