Subscribe Contact Us About Us Advertising Editorial Calendar SC US SC Aus/NZ

RSS | Login | Register

Emerging Threats

"Nine-Ball" mass injection attack compromised 40,000 sites

Angela Moscoritolo June 18, 2009

A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites, which are, in turn, infecting users with an information-stealing Trojan, according to security vendor Websense.

New Sality variant contains moneymaking twist

Angela Moscaritolo February 23, 2009

Users should be cautious of a new virus variant that leverages the old technique of file infection with the modern-day desire for financial gain, security researchers have warned.

New Symbian mobile malware in the wild

Angela Moscaritolo February 23, 2009

A new worm targeting mobile devices running Nokia's Symbian OS is spreading in China in a unique way: through malicious links contained in text messages.

2008: A year of cybercriminal innovation

Angela Moscaritolo December 05, 2008

With the emergence of new attack techniques and the reinvention of old ones, 2008 has been a year of cybercriminal innovation.

X-Force at mid-year: Cybercriminals get faster

Sue Marquette Poremba July 31, 2008

Cybercriminals are adopting new automation techniques and improving on strategies that enable them to exploit vulnerabilities rapidly, a new study reveals.

Multiple vendors cooperate to issue DNS design flaw fix

Dan Kaplan July 09, 2008

A massive domain name server (DNS) design vulnerability that could permit cache poisoning - effectively allowing an attacker to direct users to the website of his choosing - is set to be fixed by an unprecedented synchronized series of multivendor patches.

Steganography harnesses VoIP networks

Wojciech Mazurczyk and Krzysztof Szczypiorski July 04, 2008

Steganography is an established technique to hide secret data inside normal data transmissions, but new techniques are being developed to hide packets inside routine VoIP traffic, and escape detection

Steganography developers turn their attention to hiding information in VoIP

Richard Thurston July 04, 2008

The abundance of voice over IP equipment has led researchers to develop a range of techniques which, instead of hiding information in standard data traffic, will allow individuals to instead hide information in VoIP streams

Data watchdog admits to deluge of Central Government breach info

Richard Thurston July 03, 2008

The Information Commmissioner's Office has revealed it has been voluntarily informed of a huge number of security breaches - mostly in Westminster - while it eyes up plans for a new law which could make the reporting of such incidents compulsory

PCI standard widened to include unattended point-of-sale terminals

Richard Thurston July 02, 2008

Terminals such as those found in vending machines and on fuel pumps are to be included in additional guidelines to be written by the PCI Security Standards Council, producing extra demands on retailers

US Army set to hire internet spies

Richard Thurston July 02, 2008

The American military is to increase its intelligence on the internet by hiring a contractor to analyse web pages, chatrooms and blogs on pertinent threats 24 hours a day

Europe just "weeks" away from data sharing deal with FBI

Richard Thurston July 01, 2008

Brussels insiders have confirmed that the European Commission is nearing the conclusion of talks with the Americans over the provision of citizens' personal information to the FBI for terrorism fighting purposes

Microsoft presses deeper into security space

Richard Thurston June 30, 2008

The software giant is spearheading its second global security initiative in a week, this time aiming to co-ordinate security response systems with other vendors

Case study: Deep inside the Serious Fraud Office's digital forensics unit

Richard Thurston June 26, 2008

The SFO invited SC Magazine for a sneak preview of its recently revamped digital forensics unit, where scientists were hard at work dissecting and interrogating the latest mobile devices

Oyster card hackers may have their research blocked

Richard Thurston June 26, 2008

Two Dutch academics who came to London last week to prove they could break the cipher behind London's Oyster travel card have been warned by the country's Government not to expose any secrets in their upcoming paper on the subject

Pacific island knocked off internet by DDoS attack

Richard Thurston June 26, 2008

The Marshall Islands have been subjected to a prolonged bout of unexpected email traffic, preventing citizens receiving emails, but the reason for the attack remains unclear

Vulnerability in Adobe Acrobat leads to public exploit

Dan Kaplan June 25, 2008

Adobe has updated its Reader and Acrobat products to shore up a major vulnerability that is already being exploited in the wild

ESET launches anti-malware for Windows Mobile

Richard Thurston June 20, 2008

The security company has released a free beta version of a software product which aims to prevent malware from infecting Windows Mobile devices

Trend Micro takes security into the cloud

Richard Thurston June 19, 2008

The software vendor has unveiled its new approach to internet security, which means transferring the workload off individual PCs and into the internet

Coffee drinkers in peril after espresso overspill attack

Richard Thurston June 19, 2008

A geeky risk advisory manager from global accountancy firm BDO has hacked into a leading coffee machine, causing it to pour scalding water onto unsuspecting espresso lovers

Stolen data found on international crimeservers

Chuck Miller June 19, 2008

Two crimeservers containing half a gigabyte of stolen data have been discovered in Argentina and Malaysia; the data was likely being made available to the highest bidder

Interview: Louise Bennett

Richard Thurston June 17, 2008

As the chair of the security forum at the British Computer Society, Dr Louise Bennett has an excellent bird's eye view of what's going wrong with the nation's security, as she tells SC Magazine

Symantec pledges support to under-fire malware tests

Richard Thurston June 16, 2008

The security vendor says it's "absolutely" committed to the VB100 anti-malware tests, following Trend Micro's announcement of a boycott earlier this month

Ministry of Defence to bolster internet intelligence

Richard Thurston June 13, 2008

The MoD is increasing its focus on online intelligence gathering - partly by using information from newspapers and blogs - and admits it needs to start exploiting data held in networks owned by other countries

Securing businesses is "extremely challenging", claim UK bosses

Richard Thurston June 10, 2008

British businesses are finding that protecting their organisations from hackers, social networking threats and browser vulnerabilities is an increasing struggle, according to research

Motorola RAZR found vulnerable to JPEG attack

Richard Thurston May 29, 2008

Hackers could run malicious code on the RAZR device by sending a corrupt image by MMS, according to an advisory from TippingPoint

ENISA warns Europe to step up to prevent 'digital 9/11'

Richard Thurston May 29, 2008

The European Commission's security advisor says that imbalances between member states must be ironed out and the reporting of security breaches must become mandatory in order to tackle the threat of cyberattacks

Brute-force SSH attacks surge

Richard Thurston May 16, 2008

An incident handler from SANS' Internet Storm Center has warned businesses to ensure their servers are secure as SSH attacks rose five-fold early this week

EU Commission says payment fraud moving to the internet

April 30, 2008

In spite of efforts to halt electronic fraud, the internet has remained a dangerous place to do business, according to a report from the European Commission. It reported ten million fraudulent transactions that cost European Union merchants a cumulative 1.5 billion Euros (£1.1 billion) in losses each year.

Latest News

« Previous

Most Popular
Most Emailed
Most Recent