A group of hackers that are infecting Web servers with rogue Apache modules are also backdooring their Secure Shell (SSH) services in order to steal login credentials from administrators and users.
Stories by Lucian Constantin
Many of the domain names used by a cybercriminal gang to control computers infected with the Virut malware were disabled last week in a coordinated takedown effort, Spamhaus, an organization dedicated to fighting spam, announced Saturday.
The U.S. Federal Communications Commission is advising smartphone users on how to protect their mobile devices and data from mobile security threats.
Adobe released security updates for its Flash Player and ColdFusion products on Tuesday in order to address critical vulnerabilities that could give attackers control over the affected computers.
Researchers from Israel-based IT security firm Seculert have uncovered a custom-made piece of malware that infected hundreds of point-of-sale (PoS) systems from businesses in 40 countries in the past few months and stole the data of tens of thousands of payment cards.
Hewlett-Packard has filed a complaint against display manufacturers Chunghwa Picture Tubes and Tatung Company of America, seeking to recover damages it claims it suffered as a result of their involvement in a price fixing scheme.
A security researcher claims that he found 23 vulnerabilities in industrial control software from several vendors after a different security company last week showcased vulnerabilities in applications from some of the same manufacturers, but chose not to report them.
Security researchers from antivirus vendor Symantec have uncovered a piece of malware that uses Google Docs, which is now part of Google Drive, as a bridge when communicating with attackers in order to hide the malicious traffic.
Cisco Systems has warned customers about critical vulnerabilities in the Sophos antivirus engine included in its Cisco IronPort email and Web security appliances.
Security researcher Tavis Ormandy discovered critical vulnerabilities in the antivirus product developed by U.K.-based security firm Sophos and advised organizations to avoid using the product on critical systems unless the vendor improves its product development, quality assurance and security response practices.
Chinese networking and telecommunications equipment manufacturer Huawei plans to send a team of engineers to Germany in order to meet with Felix Lindner, a security researcher who earlier this year disclosed vulnerabilities in the company's products, he confirmed.
Adobe has fixed six critical vulnerabilities in Shockwave Player that could potentially be exploited by attackers to execute malicious code, via the release of version 18.104.22.1688 of the software.
The recently launched Adobe Reader and Adobe Acrobat XI come with new security features and an improved sandbox that will make the products harder to attack and exploit, according to Adobe.
Security researchers from Kaspersky Lab have identified another piece of malware targeting the Middle East that is likely part of the interrelated cyberespionage efforts behind Stuxnet, Duqu, Flame and Gauss.
Hackers are distributing rogue email notifications about changes in Microsoft's Services Agreement to trick people into visiting malicious pages that use a recently circulated Java exploit to infect their computers with malware.
Nominations now closed