An alarming growth in malware signed with fraudulently obtained keys and code-signing certificates in order to trick users to download harmful code is prompting Microsoft and Symantec to push for tighter controls in the way the world's certificate authorities issue these keys used in code-signing.
Hundreds of global organizations have been infected by a Russian botnet as part of a cybercrime campaign that could be connected to the mysterious traffic spike that hit the Tor anonymity system in August, security firm Websense says.
Attackers compromised two php.net servers, injecting malicious code into the website, so The PHP Group is resetting passwords for the official website of the PHP programming language. It's also changing php.net's SSL certificate.
And to add insult to injury, you have to download 18GB of... something before the malware phishes for your personal info.
The cloud's the thing for Webroot's SecureAnywhere suites, which aim to stay nimble by living online and analyzing files on the fly. All suites protect against viruses, malware, and phishing. Two higher-end versions add iOS/Android support and system optimization tools.
Most malware is mundane, but these innovative techniques are exploiting systems and networks of even the savviest users
McAfee research indicates that a steep rise in the amount of malware signed with legitimate digital certificates—not forged or stolen ones—is a growing threat.
The Internet service and telco provider to all the European Union’s official institutions was subjected to a malware attack that “no single company or authority could withstand on its own” admitted the company’s secretary general on Thursday.
A piece of malware designed to launch brute-force password guessing attacks against websites built with popular content management systems like WordPress and Joomla has started being used to also attack email and FTP servers.