Monthly Archives: June 2012

Cyber-Underground Takes Buffet Approach to Selling Bank Fraud Malware

Cyber-criminals are now pricing webinjects based on the specific features being requested, underscoring an ongoing movement towards flexibility in the black market, according to security researchers at Trusteer. Webinjects are malware components that launch fake Web pages or form fields … Continue reading

Posted in IT Compliance, News | Leave a comment

AutoCAD Worm Stealing Designs, Blueprints

Security researchers have come across a new worm that is meant specifically to steal blueprints, design documents and other files created with the AutoCAD software. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens … Continue reading

Posted in News | Leave a comment

Thousands of office printers hit by “gibberish” malware

Thousands of office printers from large businesses around the world are churning out page after page of gibberish and wasting vast reams of paper. For once it seems malware is to blame. Dubbed “Trojan.Milicenso,” it has been described by security … Continue reading

Posted in IT Compliance, News, Security Awareness | Leave a comment

How Advanced Malware Bypasses Process Monitoring

One of the primary aims of an anti-virus (AV) engine is to monitor all process activity—while malware, on the other hand, wants to avoid detection by AV. The philosophy of most rootkits is to run silent and deep, which also … Continue reading

Posted in IT Compliance | Leave a comment

Apple Drops ‘We Don’t Get PC Viruses’ Schtick

Apple has made a small change to a Mac marketing webpage that is a big deal to people who care about computer security. We’re talking about the “Why you’ll love a Mac” webpage. For the past couple of years, Apple … Continue reading

Posted in News, Security Awareness | Leave a comment

Cyber-Security Threats, Infrastructure Sabotage Rising: McAfee

Organizations need to shield themselves from the rising threat of cyber-attacks and sophisticated sabotage directed at IT infrastructure, according to a report issued by security specialist McAfee and the Pacific Northwest National Laboratory, a federal contractor to the U.S. Department … Continue reading

Posted in IT Compliance, Sarbox Services | Leave a comment

Scores of U.S. firms keep quiet about cyber attacks

(Reuters) – Scores of U.S. companies have not disclosed breaches of their computer systems, even though eight months have passed since U.S. securities regulators issued guidelines on disclosing cyber attacks, according to leading security experts. Calling for more rigorous rules … Continue reading

Posted in IT Compliance | Leave a comment

‘State-sponsored attackers’ using IE zero-day to hijack GMail accounts

Microsoft and Google have separately warned about a new Internet Explorer zero-day being exploited to break into GMail accounts. The browser flaw, which is currently unpatched, expose Windows users to remote code execution attacks with little or no user action … Continue reading

Posted in IT Compliance, News | Leave a comment

XML Zero-Day Flaw Enables Attacker to Target Internet Explorer, Office

A zero-day flaw in versions of Microsoft’s XML Core Services (MSXML) is being actively exploited in the wild. The vulnerability, which was discovered by Google, exists when MSXML attempts to access an object in memory that has not been initialized, … Continue reading

Posted in IT Compliance, News, Security Awareness | Leave a comment

F-Secure chief warns Siri is ‘unsafe for business’

Apple’s Siri is unsuitable for business and enterprise networks, according to F-Secure vice-president Maria Nordgren. Why? Not only has Siri read your contacts, knows your calendar off by heart, and probably knows your partner’s birthday, it may also know your … Continue reading

Posted in IT Compliance, News, Security Awareness | Leave a comment