It’s that most un-wonderful time of the year: the time when everyone writes fluffy articles full of lists, retrospectives and look-aheads. Even we did it. Many of these lists involve some variation on the theme of most overhyped or least organic or or most awesomest or lowest fat content. This article is not those articles.
Browsing Category: Mobile Security
Fake antivirus software, or “scareware” scams have been one of the tried and true methods that crooks have used to make illegal profits online in recent years.
Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup (WPS) standard that enables attackers to recover the router PIN, a security firm has published an open-source tool capable of exploiting the vulnerability. The tool, known as Reaver, has the ability to find the WPS PIN on a given router and then recover the WPA passphrase for the router, as well.
The US-CERT is warning about a vulnerability in the WiFi Protected Setup standard that reduces the number of attempts it would take an attacker to brute-force the PIN for a wireless router’s setup process. The flaw results in too much information about the PIN being returned to an attacker and makes the PIN quite weak, affecting the security of millions of WiFi routers and access points.
By Art CovielloI just came back from a five-week trip of meeting with customers around the world and never in my entire career have CEOs and corporate boards been as interested in security as they are now. The common theme throughout these conversations was that we are facing a new reality – one of persistent, advanced and intelligent threat.
VIEW SLIDESHOW Five Security Predictions for 2012What will 2012 bring? We can’t know for sure. Recent years have taught us that, when it comes to computer security, one should expect to be surprised.
The security industry can be a giant repetitive, follow-the-loser echo chamber of unoriginal thoughts, familiar flaws and copycat theories. But if ever there was a year in which folks could stand back and look at what’s gone on and say, what in the hell just happened, 2011 was it. So rather than going in for the typical year-in-review or top stories shtick, let’s just have a look back at some of the more absurd, unexpected and amusing twigs and berries from the last 12 months, shall we?
VIEW SLIDESHOW Threatpost Top Security News Stories of 2011We’ve compiled our list of the Top Security Stories of 2011, presented here in no particular order. These are the issues that shook the world’s markets and kept us awake at night.
Mobile security researchers at the firm Viaforensics say they have created a malicious mobile application that requires the phone user to grant no permissions during installation, but could give remote attackers the ability to install and execute malicious code on mobile devices running the Android operating system.
The security of Android devices has come under quite a lot of scrutiny in recent months, with researchers identifying various root exploits and permission leaks that could be exploited. In this video, researcher Thomas Cannon of ViaForensics demonstrates a method for setting up a remote shell on an Android device without using any exploits or vulnerabilities. The method works on various versions of Android, up to and including Gingerbread.