[img_assist|nid=3212|title=|desc=|link=none|align=left|width=77|height=118]iPhone users beware – an ongoing phishing campaign impersonating Apple.com, attempts to trick users into submitting sensitive device information, with the scammers in a perfect position to use the data in a countless number of fraudulent variations. Read the full article. [ZDNet]
[img_assist|nid=3208|title=|desc=|link=none|align=right|width=100|height=100]Malware hunters at SecureWorks have intercepted a new banker Trojan being used by cyber-criminals to steal financial credentials from banks in the U.S.The Trojan, dubbed “Bugat,” targets Automated Clearing House (ACH)
and wire transfer transactions by small- and mid-sized business in the U.S., much like the virulent Clampi Trojan that has stolen tens of millions of dollars.
[img_assist|nid=3200|title=|desc=|link=none|align=left|width=100|height=100]Peiter Zatko — a respected hacker known as “Mudge” — has been tapped to
be a program manager at DARPA, where he will be in charge of funding
research designed to help give the U.S. government tools needed to
protect against cyberattacks. Read the full article. [cnet]
Federal authorities are charging a Las Vegas man with marketing a
so-called “cookie-stuffing” operation, enriching himself and others
while defrauding eBay along the way. Read the full article. [Wired]
[img_assist|nid=3202|title=|desc=|link=none|align=left|width=120|height=95]With millions of personal records and payment card information stolen
on a regular basis, several recently released reports independently
confirm some of the main sources of breaches. Not surprisingly, that’s
not zero day flaws, not even insiders, but good old fashioned SQL injections next to malware infections. Read the full article. [ZDNet]
[img_assist|nid=3190|title=|desc=|link=none|align=right|width=100|height=100]Some of the bugs Microsoft patched today will be exploited by hackers almost immediately, security researchers predicted. Microsoft’s massive update — a record-tying 13 separate security bulletins that patched 26 vulnerabilities — gives attackers all kinds of ways to compromise machines and hijack PCs. Read the full article. [Computerworld]
[img_assist|nid=3187|title=|desc=|link=none|align=left|width=100|height=100]Purveyors of a new botnet toolkit are touting a feature aimed at
aspiring cybercriminals: the opportunity to commandeer computers
already compromised by an established crimeware package known as Zeus. Read the full article. [The Register]
[img_assist|nid=3181|title=|desc=|link=none|align=right|width=100|height=100]Microsoft today released 13 security bulletins with fixes for 26 vulnerabilities affecting Windows and Office users and warned customers to pay special attention to a slew of flaws that can be trivially exploited by malware miscreants.
[img_assist|nid=3176|title=|desc=|link=none|align=left|width=100|height=100]Adobe has acknowledged that an internal screw-up caused a potentially dangerous Flash Player flaw to remain unpatched for more than 16 months after it was first reported by an external security researcher.”It slipped through the cracks,” said Emmy Huang, a product manager for Flash Player. Adobe’s mea-culpa follows the public release of proof-of-concept code demonstrating a Flash Player browser plug-in crash.
[img_assist|nid=3170|title=|desc=|link=none|align=right|width=100|height=100]Dennis Fisher talks with Tyler Shields of Veracode about his BlackBerry spyware application, txsBBSPY, the coming wave of smartphone attacks and his lack of surprise about the Google Aurora attack.