Cryptography


Researchers Discover the World’s Most Complicated Piece of Malware

Researchers from Kaspersky Labs claim to have discovered the most sophisticated piece of malware available on the Web. Detected by their antivirus product as TDSS, the Trojan employs a number of methods to avoid detection, including the use of encryption between the botnet command and control server and its zombies and a powerful rootkit component that conceals the presence of other types of malware in a given system.

U.S. Backs Research Into What Makes Cyber Criminals Tick

The following is an exclusive Threatpost interview with Samuel Weber, Program Director for the National Science Foundation’s Trustworthy Computing Program. The interview took place on Monday, June 27, 2011 at the RFIDSec 11 Conference on the campus of the University of Massachusetts, Amherst. 


AMHERST, MASS. – The U.S. may boast the world’s largest economy, richest technology companies and a lion’s share of its top research universities. But when it comes to the security of RFID (Radio Frequency ID) and other contactless technologies, America is still playing catch-up.

A certification authority called StartSSL was attacked and compromised recently and forced to suspend the issuance of SSL certificates indefinitely. However, unlike earlier attacks on CAs such as Comodo, the attackers were not able to gain access to the material necessary to issue themselves valid certificates for arbitrary domains.

RSA acknowledged on Monday that a hack at Lockheed Martin was tied to the theft of information on its SecurID tokens. The company offered to replace the tokens for customers, but experts wonder whether RSA should go further and recall SecurID tokens from the market.

In the wake of a string of attacks against high-profile users of RSA Security’s SecurID tokens including Lockheed Martin, the company has posted an open letter to its customers, trying to reassure them that the tokens are secure and that the attacks don’t represent a new threat to these businesses. However, the company is now offering to replace SecurID tokens for its corporate customers, a user base of tens of millions of people.

Executives at U.S. defense contractor L-3 Communications warned employees in April about an attempt by unknown assailants to compromise the company’s network using forged SecurID tokens from RSA. The report, if accurate, would be the second attack on a leading defense contractor with links back to a high-profile hack in March at RSA Security, the security division of EMC Corp.

Google announced its long-awaited mobile payments platform, Google Wallet, in New York City on Thursday. The company claims it will revolutionize commerce. But with stories about massive data breaches and hacks an almost daily occurrence, consumers are most concerned about whether Google Wallet is secure. Here’s what you need to know.