While origin unclear, Gauss indicates malware tool boom. Startup envisions CISO collective to share cyberattack information. Network World - A startup called SecurityStarfish intends to become the central point where chief information security officers (CISO) can discreetly share information about cyberattacks and obtain anonymized real-time information from others in order to deter cybercrime against their organizations.
Media sites brace for hacktivist attacks. Traditional news companies and other websites covering this year's presidential election are preparing for a flood of web traffic over the coming months, and not just from political junkies.
Politically motivated hacktivist attacks have become a top concern among companies providing election coverage online. Leaked emails indicate tech companies' interest in TrapWire. Emails released by WikiLeaks indicate governments and large corporations including Google and Salesforce.com may be interested in or are already using a spy tool called TrapWire to prevent terrorist attacks against critical facilities.
Developed by Abraxas, TrapWire is a video-surveillance program built to detect "various discreet, but identifiable indicators of pre-attack preparations," according to Abraxas documentation made available on the Bitdefender blog. Information gathered from TrapWire can be shared with law enforcement agencies to assist in counterterrorism efforts, reports the Hot for Security blog. Details on the possible use of TrapWire were found in emails stolen from Stratfor Global Intelligence, a provider of geopolitical analysis. Hackers broke into Stratfor's website in December and took millions of emails that WikiLeaks dumped on the web several months later.
Mysterious font left by malware befuddles. Call for help on Gauss highlights new malware era. Citadel exploit goes after weakest link at airport: employees. The latest exploit of the Citadel Trojan is yet more evidence that enterprise perimeter security is only as strong as the weakest endpoint device of its employees.
Which is another way of saying, not very strong. Amit Klein, CTO of security vendor Trusteer announced in a blog post on Tuesday that the company had discovered a man-in-the-browser attack using the Citadel Trojan that had compromised the virtual private network (VPN) of a major international airport hub. 'Crisis' malware targets VMware virtual machines.
Security researchers have discovered a single piece of malware that is capable of spreading to four different platform environments, including Windows, Mac OSX, VMware virtual machines, and Windows Mobile devices.
First uncovered last month by security company Integro, Crisis was originally described as a Mac Trojan capable of intercepting e-mails and instant messages and tracking Web sites visited. Additional scrutiny by Symantec has found that the malware targets both OSX and Windows users with executable files for both operating systems. New raise of Citadel malware…banking again under attack. Cloud, mobility and open source drive application development. Posted on 22 August 2012.
The worldwide application development (AD) software market is expected to reach more than $9 billion in 2012, an increase of 1.8 percent over 2011, according to Gartner. In Australia, spending on application development software is expected to reach A$153.4 million in 2012, up 5 percent over 2011. Growth will be driven by evolving software delivery models, new development methodologies, emerging mobile application development and open source software. “Application modernization and increasing agility will continue to be a solid driver for AD spending, apart from other emerging dynamics of cloud, mobility and social computing,” said Asheesh Raina, principal research analyst at Gartner. “These emerging trends are directing AD demand towards newer architectures, programming languages, business model and user skills.” According to Gartner, cloud is changing the way applications are designed, tested and deployed, resulting in a significant shift in AD priorities.
BYOD 2.0 and spotting the next big trend. How to Protect Your Commercial Web Server. 5 Systems You're Forgetting To Patch. Crisis malware infects VMware virtual machines, researchers say. The Windows version of Crisis, a piece of malware discovered in July, is capable of infecting VMware virtual machine images, Windows Mobile devices and removable USB drives, according to researchers from antivirus vendor Symantec.
Crisis is a computer Trojan program that targets Mac OS and Windows users. The malware was discovered by antivirus vendor Intego on July 24 and can record Skype conversations, capture traffic from instant messaging programs like Adium and Microsoft Messenger for Mac and track websites visited in Firefox or Safari. Crisis is distributed via social engineering attacks that trick users into running a malicious Java applet. The applet identifies the user's OS -- Windows or Mac OS X -- and executes the corresponding installer. Security researchers from antivirus vendor Kaspersky Lab, whose products detect the Crisis malware as Morcut, have confirmed the existence of this functionality in the Trojan program. Security experts scoff at Mars rover hack threat. Cybercrime Bill passes Senate, set to become law. The controversial Cybercrime Legislation Amendment Bill 2011 passed the Australian Senate today.
The Bill amends the Mutual Assistance in Criminal Matters Act 1987, the Criminal Code Act 1995, the Telecommunications (Interception and Access) Act 1979 and the Telecommunications Act 1997, and allows Australia to accede to the Council of Europe Convention on Cybercrime. The latter treaty is designed to foster cooperation and common policy between nations to deal with multi-national crimes committed on computer networks across the globe, such as online fraud or child pornography offences.