A hole in the locking feature of iPad 2 could allow anyone to access to data and applications on a locked device, according to a recent report from 9to5mac.com. The bypass involves an intricate sequence of steps using the iPad 2’s Smart Cover, an accessory that magnetically folds over the tablet, to work around the device’s Lock screen.
There is a new worm circulating right now that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm also attempts to install a remote access tool in order to give the attacker control over the newly infected server.
By Alex GostevFirst of all, we feel it necessary to clarify some of the confusion surrounding the files and their names related to this incident. To get a full understanding of the situation you only need to know that we’re talking about just two malicious programs here (at a minimum) – the main module and a keylogger. All that has been mentioned in last 24 hours about connections between Duqu and Stuxnet is related mostly to the first one – the main module.
Sweden has suffered from a barrage of malware over the last two months and saw a 3700% increase in JavaScript-based redirection scripts in September alone, according to a recent post on Securelist by Kaspersky Lab’s David Jacoby.
To hear many of the leading computer security experts, Tuesday, October 18 was “D-Day,” with the “D” standing for “Duqu,” a new piece of malware that virus experts were tripping over each other to call “Stuxnet 2.0.” “Stuxnet Clone ‘Duqu’ Possibly Preparing Power Plant Attacks” read a headline on the Website of Foxnews, summing up the air of hysteria surrounding the new malware. But less than a day later, questions are being raised about the purpose and threat posed by the new malware.
By Tillmann WernerAbout two weeks ago, the German Chaos Computer Club (CCC) has published an analysis report of a backdoor trojan that they claim had been used by German police during investigations in order to capture VoIP and IM communication on a suspect’s PC. Our friends over at F-Secure published a blog post last week where they wrote about another file that, according to them, seemed to be the dropper component of the trojan. They were kind enough to share the MD5 hash of the file, so we could pull it from our collection. Stefan and I took a closer look.
With virus researchers scrambling to decode a new piece of malware that is based on the code of the Stuxnet worm, an analyst at McAfee is speculating that the new worm, Duqu, may have been created to target certificate authorities.
Virus researchers at Symantec Corp. have discovered a variant of the Stuxnet worm, dubbed Duqu, that is designed to steal information about industrial control systems. Symantec said the malware, which has turned up on more than one customers’ network, could be used to gather data for a future attack.
The Obama Administration reportedly debated kicking off its latest war-effort in Libya with a cyber-offensive targeting the Qaddafi regime’s air-defense infrastructure, according to a report from the New York Times.
Researchers from MIT and Georgia Tech have developed a new technique that enables them to use the accelerometer in an iPhone or other smartphone to capture keystrokes from a nearby PC and decipher the typed words with about 80 percent accuracy. The tactic, while quite complicated, could be used to conduct password-recovery or other attacks on unsuspecting victims.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
