Viruses & Malware

Mystery worm scrambles Iranian databases

posted on November 27, 2012
by l33tdawg

A new worm that appears to be targeted at Iran seeks to sabotage corporate databases by searching for specific phrases and values and replacing them with random ones.

This latest bug, dubbed the "Narilam" worm, goes after Microsoft SQL databases, according to Symantec, which first uncovered the malicious code.

Sourcefire offers a way to track malware

posted on November 22, 2012
by l33tdawg

Security vendor Sourcefire, Inc. has expanded its flagship FirePower appliance line to enable solution providers to remediate malware attacks faster.

According to Mike Guiterman, Sourcefire director of worldwide channel marketing, the Columbia, MD-based company's new version of FirePower can track files from the point of entry and then keep tabs on them as they move throughout the network. If those files turn out to be malware of some kind, FirePower can locate them and provide post-infection remediation.

Malware uses Google Docs to communicate with control hub

posted on November 20, 2012
by l33tdawg

A new iteration of backdoor trojan Makadocs is capable of hiding its command-and-control (C&C) server communications by abusing a legitimate Google Docs function.

Symantec researchers discovered that the malware used Google Docs, a document sharing and editing service, as a proxy server, or intermediary step, to pass along information to C&C servers, according to a Friday blog post.

PoC malware for remote hijacking of USB smart readers

posted on November 19, 2012
by l33tdawg

Researchers from malware.lu, a Luxembourg-based malware analysis and incident response team, have created proof-of-concept malware that allows attackers to gain access to and remotely control users' USB smart card readers.

Smart cards (chip cards) are used for various purposes, including user identification and authentication. Spanish and Belgian citizens already have an eID card that is used for identification, authentication and digital signing.

Malware funnels smartcard PINs to remote servers

posted on November 15, 2012
by l33tdawg

A researcher has developed malware capable of remotely stealing two-factor PINs generated by USB smartcards.

The malware was unique in that it used a driver to access the USB port and ship PINs stolen using a keylogger to a remote command and control server.

Author and penetration tester Paul Rascagneres (RootBSD) said the malware would work on most USB smartcards. "I did not test the proof of concept on all providers, but as the malware shares the USB device in raw, we do not target any specific smartcard," Rascagneres said.

Malware identified as latest OS X trojan targeting Tibetan activists

posted on November 15, 2012
by l33tdawg

A new variant of Mac malware Imuler has been identified targeting Tibetan activists. The discovery was made by Bellevue, Wash.-based Apple platform security vendor Intego Inc.

According to a blog post by Lysa Myers, a virus hunter at Intego, the malware has been identified as OSX/Imuler.E, and shows many similarities to OSX/Imuler.D, which also targeted Tibetan activists.

E-mailed malware disguised as group coupon offers on the rise

posted on November 14, 2012
by l33tdawg

Be sure to double-check that Groupon you received in your e-mail -- spammers are using the popularity of e-mailed advertisements for group discount deals to send more malware.

Malware delivered through fake e-mail advertisements and notifications is on the rise, according to a study released today by security firm Kaspersky Lab.

"They are primarily doing so by sending out malicious e-mails designed to look like official notifications. Kaspersky Lab is seeing more and more malicious spam designed to look like coupon service notifications," the report said.

Android adware capability a vulnerability, claim boffins

posted on November 8, 2012
by l33tdawg

North Carolina State University researchers have revealed a vulnerability in Android that allows SMS messages to be sent from one app to another without going over the air, something they say could be used for SMS phishing attacks.

The Xuxian Jiang-led team is the same group that gave the world the Android click-jacking rootkit, a phone-call bugging vulnerability, and identified a dozen malicious apps on Google Play in 2011.

Russian Hacker Gets a Taste of His Own Malware

posted on November 1, 2012
by l33tdawg

After a persistent series of attacks on its government computers by a Russian hacker, the Republic of Georgia got mad and refused to take it anymore.

In a reversal of roles, members of the country's Computer Emergency Response Team (CERT) suckered the cybermiscreant into downloading a file infected with his own spyware that allowed CERT to photograph the alleged hacker with his computer's webcam and ransack its hard drive for files.