malware

Apple marketing chief jabs Android security on Twitter

Apple marketing chief Phil Schiller has been a semi-regular Twitter user since 2008, though mostly tweets about things like music, movies and sports.

But that changed earlier today with a post linking to F-Secure Labs' latest quarterly Mobile Threat report, with a casual mention to "be safe out there."

The 29-page report's (PDF) key finding is that malware on Google's Android is getting worse, in part because of the platform's brisk growth and a new variant of malware that spread using SMS.

"Android malware has been strengthening its position in the mobile threat scene,&… Read more

Avast Free Antivirus 8.0.1483.72

Looking to compete with both paid and free security suites, Avast wants to create a unified approach to your computer security. Long gone are the days of the quirky interface. Avast is accessible and robust, with an impressive list of free features and strong, though hardly stellar, performance benchmarks.

Installation Avast has improved its installation process so it's faster than before. It's not the fastest on the market, not by a long shot, but a standard installation took us about three minutes -- around the same as last year.

Some items of note during the installation that will … Read more

Avast Pro Antivirus 8.0.1483.72

Looking to compete with both paid and free security suites, Avast wants to create a unified approach to your computer security. Long gone are the days of the quirky interface. Avast is accessible and robust, with an impressive list of free features and strong, though hardly stellar, performance benchmarks.

Installation Avast has improved its installation process so it's faster than before. It's not the fastest on the market, not by a long shot, but a standard installation took us about three minutes -- around the same as last year.

Some items of note during the installation that will … Read more

Oracle issues emergency Java update to patch vulnerabilities

In response to discovering that hackers were actively exploiting two vulnerabilities in Java running in Web browsers, Oracle has released an emergency patch that it says should deal with the problem.

"These vulnerabilities may be remotely exploitable without authentication, i.e., they may be exploited over a network without the need for a username and password," Oracle wrote in a security alert today. "For an exploit to be successful, an unsuspecting user running an affected release in a browser must visit a malicious web page that leverages these vulnerabilities. Successful exploits can impact the availability, integrity, and … Read more

More Java-based malware plagues the cross-platform runtime

Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtime's attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run.

Once installed, the McRAT malware will attempt to contact command and control servers and copy itself into dll files in Windows systems.

This malware is specifically Windows-based; however, a second one outlined by Intego, is a Minecraft password-stealing … Read more

New Avast features roll out to fan legions

The new version of the Avast security suite focuses on repairing the past mistakes of Windows. Debuting today exclusively with CNET's Download.com, Avast 8 addresses some of today's most pressing security concerns but leaves at least one other growing problem unresolved.

All told, Avast Free Antivirus 8 (download), Avast Pro Antivirus 8 (download), Avast Internet Security 8 (download) and the new top-tier suite, Avast Premier 8 (download) command upwards of 170 million active users, making Avast the most popular consumer security suite by a long shot.

Although the suite leaves privacy in the cold, the rest of … Read more

'MiniDuke' malware takes aim at Euro governments via Adobe

A new attack is targeting European governments through flaws exploited in Adobe's Reader software, according to security researchers.

Kaspersky Lab and CrySys Lab today detailed a new malicious program in the wild, called "MiniDuke," that has been attacking government entities and institutions across Europe. Government entities in the Ukraine, Portugal, Romania, and others have been targeted, according to the security researcher.

MiniDuke finds its way to infected computers through PDFs. The malicious hackers -- who Kaspersky believes might have been dormant for some time because of the technique's similarity to those from the late-1990s -- have … Read more

What is the Eicar testfile?

When Apple updates its XProtect anti-malware system in OS X with new definitions, it often means a new or updated threat has been found for OS X.

Earlier this morning, Apple issued an update to XProtect, which now includes a new definition for a malware package called "OSX.eicar.com.i," that comes from Eicar.com. This update suggests the new definitions are for a novel malware package, but this is not so with this latest update.

"Eicar" stands for the European Institute for Computer Antivirus Research, which is a group that investigates malware and security … Read more

NBC Web site back up after hack attack

NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.

The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.

In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.

NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more

Malware getting smarter, says McAfee

Malware continues to grow, not just in volume but in sophistication, according to a new report from McAfee.

Released today, the security vendor's fourth-quarter 2012 Threats Report found that more organizations are being targeted by more clever cyberattacks.

The number of trojans designed to steal passwords rose 72 percent last quarter. Some of these trojans are part of "customized" threats, while others are packaged with more "off-the-shelf" forms of malware. As one example, the Citadel trojan was specifically designed to hit financial services companies.

Operation High Roller and Project Bliztkrieg were also cited by McAfee … Read more