Stories by John E Dunn

Defunct Koler ransom Trojan attacked 200,000 Android users in matter of weeks

By John E Dunn | 30 July, 2014 22:54

The crude Koler.a ‘police ransom' Trojan that started attacking Android smartphone users in April has finally been knocked out of action by researchers but only after revealing the disturbing if brief scale of its global success.

Police warnings to appear on websites suspected of copyright abuse

By John E Dunn | 30 July, 2014 22:52

UK visitors to websites suspected of pirating content will from this week be served banners warning them of the site's suspect status, the Police Intellectual Property Crime Unit (PIPCU) has announced.

Is the WEDG the answer to post-Snowden data paranoia? Its inventor remains hopeful

By John E Dunn | 29 July, 2014 20:48

The British entrepreneur behind the innovative WEDG secure storage box for the ‘post-Snowden era' has told Techworld he remains upbeat about its chances despite still being some way short of the £90,000 ($150,000) set for the project on Kickstarter.

Mystery 'Onion/Critroni' ransom Trojan evolves to use more sophisticated encryption

By John E Dunn | 26 July, 2014 23:01

Kaspersky Lab has added more detail on the fiendish ‘Onion' (aka 'Critroni') ransom Trojan that uses the Tor anonymity service to hide its command and control (C&C) as well as displaying a level of thoughtfulness about its encryption design that bodes ill for future attacks.

Nigerian 419 scammers diversifying into Trojan malware, finds Palo Alto

By John E Dunn | 25 July, 2014 23:12

A Nigerian cybercrime gang versed in 419 social engineering scams has diversified into using off-the-shelf RAT tools to attacks Taiwanese and South Korean businesses, according to researchers working for Palo Alto Networks.

Internet Explorer vulnerabilities surge to record levels in 2014, NVD figures reveal

By John E Dunn | 25 July, 2014 20:21

Microsoft's Internet Explorer experienced a record number of software vulnerabilities in the first half of 2014, far above any other popular program, a Bromium analysis of US National Vulnerability Database (NVD) figures has shown.

Russian cyberweapons cross-pollinating commercial malware, analysis claims

By John E Dunn | 22 July, 2014 23:05

Sophisticated code of the sort used in Russian Government cyberweapons could be seeping into the commercial malware wielded by the country's criminals, a security firm has suggested after analysing the apparent cross-pollination in a previously unknown piece of malware called ‘Gyges'.

Phishing gang stole money from Apple users to fund UK criminal network

By John E Dunn | 20 July, 2014 06:06

A man and a woman have been handed a total of 14 years in jail for a phishing scam the proceeds of which were used to buy air tickets for Romanian criminals wanting to travel to the UK.

CryptoWall ransom malware struck US brokerage Benjamin F. Edwards & Co

By John E Dunn | 20 July, 2014 05:46

US brokerage Benjamin F. Edwards & Co has admitted that it could have suffered a data breach earlier this year after an employee at the firm became infected with the CryptoWall ransom malware, it has emerged.

Facebook users still an irresistible target for phishing attackers, says Kaspersky

By John E Dunn | 19 July, 2014 00:32

Phishing attacks from inside Facebook have fallen back from the historic peak of 2013 but still constitute 1 in 10 of all attacks of this type blocked by Kaspersky's security software, the firm has reported.

Wave of 100Gbps 'mega' DDoS attacks hits record level in 2014

By John E Dunn | 17 July, 2014 23:05

Huge DDoS attacks are becoming a regular occurrence with over 100 incidents breaching the psychological 100Gbps barrier that used to be seen as signifying trouble, new figures from Arbor Networks have confirmed.

Panda Security's new CEO plots reboot 2.0 for resurgent security brand

By John E Dunn | 16 July, 2014 17:57

Panda Security is the plucky Spanish antivirus firm that stormed the international market nearly a decade ago as malware threats boomed, beating most of its rivals to the idea of cloud security as an alternative to signature scanning. Well regarded technically and apparently successful, around 2010 the firm suddenly hit a sales wall.

Android apps ask for too many intrusive permissions, Zscaler analysis finds

By John E Dunn | 16 July, 2014 17:52

In the economy of mobile apps, you are less a consumer of software than consumed by it. That's according to security firm Zscaler that has analysed the surprisingly intrusive permissions demanded by many popular Google App store apps before they will allow a download to start.

LastPass tells users about two security flaws - a year after they were fixed

By John E Dunn | 15 July, 2014 18:48

LastPass fixed two software flaws in its popular password manager nearly a year ago after being informed of their existence by a researcher, the firm has admitted.

Chinese businessman used tech firm to hack US aircraft programmes, US alleges

By John E Dunn | 15 July, 2014 04:13

A Chinese businessman used the cover of his aviation firm to steal data on US military aircraft programmes which was then hawked around companies in his home country, the US Department of Justice has alleged.

CSO Corporate Partners
  • f5
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Enterprise Virtualisation Security

Deep Security provides a comprehensive Server Security Platform giving organisations advanced protection for Physical, Virtual, and Cloud Servers.

Security Awareness Tip
Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.