Blackshades RAT Pops Up in Attacks on Syrian Activists

They just do not stop having targeted malware attacks in Syria. Just a few days after the author of the Dark Comet RAT announced he was shutting down development and sales of the tool, partly because it was used in attacks by the Syrian government, experts have found that pro-government attackers are using the Blackshades RAT for similar attacks on anti-government activists.

Passwords are Dead, Long Live Passwords

Passwords as a defensive measure are complete rubbish. There’s no two ways about that. The fact that high-value services such as online banking, corporate email and data storage use simple passwords as the only real security mechanism is a sad commentary on the state of defensive technologies. But, as the continued parade of password leaks of late proves on a daily basis, users who believe these companies are protecting their passwords are sadly mistaken.

If it’s a day ending in Y, then there must be another password leak. And today it’s Yahoo’s turn in the spotlight, as the company is investigating claims that more than 400,000 plaintext passwords were stolen from the company and posted online. Security researchers who have looked at the data say that it appears that the passwords came from the company’s VoIP service.

Researchers analyzing the Dark Comet remote access Trojan (RAT) program say that data from more than 400 campaigns suggests the malicious program is being used for a wide range of jobs, from attacks on online gamers, to potential hacks of air force bases and government Web sites. 

A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software “fix” that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.