Stories by John E Dunn

Russian cyberweapons cross-pollinating commercial malware, analysis claims

By John E Dunn | 22 July, 2014 23:05

Sophisticated code of the sort used in Russian Government cyberweapons could be seeping into the commercial malware wielded by the country's criminals, a security firm has suggested after analysing the apparent cross-pollination in a previously unknown piece of malware called 'Gyges'.

Phishing gang stole money from Apple users to fund UK criminal network

By John E Dunn | 20 July, 2014 06:06

A man and a woman have been handed a total of 14 years in jail for a phishing scam the proceeds of which were used to buy air tickets for Romanian criminals wanting to travel to the UK.

CryptoWall ransom malware struck US brokerage Benjamin F. Edwards & Co

By John E Dunn | 20 July, 2014 05:46

US brokerage Benjamin F. Edwards & Co has admitted that it could have suffered a data breach earlier this year after an employee at the firm became infected with the CryptoWall ransom malware, it has emerged.

Facebook users still an irresistible target for phishing attackers, says Kaspersky

By John E Dunn | 19 July, 2014 00:32

Phishing attacks from inside Facebook have fallen back from the historic peak of 2013 but still constitute 1 in 10 of all attacks of this type blocked by Kaspersky's security software, the firm has reported.

Wave of 100Gbps 'mega' DDoS attacks hits record level in 2014

By John E Dunn | 17 July, 2014 23:05

Huge DDoS attacks are becoming a regular occurrence with over 100 incidents breaching the psychological 100Gbps barrier that used to be seen as signifying trouble, new figures from Arbor Networks have confirmed.

Panda Security's new CEO plots reboot 2.0 for resurgent security brand

By John E Dunn | 16 July, 2014 17:57

Panda Security is the plucky Spanish antivirus firm that stormed the international market nearly a decade ago as malware threats boomed, beating most of its rivals to the idea of cloud security as an alternative to signature scanning. Well regarded technically and apparently successful, around 2010 the firm suddenly hit a sales wall.

Android apps ask for too many intrusive permissions, Zscaler analysis finds

By John E Dunn | 16 July, 2014 17:52

In the economy of mobile apps, you are less a consumer of software than consumed by it. That's according to security firm Zscaler, which has analysed the surprisingly intrusive permissions demanded by many popular Google App store apps before they will allow a download to start.

LastPass tells users about two security flaws - a year after they were fixed

By John E Dunn | 15 July, 2014 18:48

LastPass fixed two software flaws in its popular password manager nearly a year ago after being informed of their existence by a researcher, the firm has admitted.

Chinese businessman used tech firm to hack US aircraft programmes, US alleges

By John E Dunn | 15 July, 2014 04:13

A Chinese businessman used the cover of his aviation firm to steal data on US military aircraft programmes which was then hawked around companies in his home country, the US Department of Justice has alleged.

Windows XP users left high and dry as Oracle ends Java support

By John E Dunn | 07 July, 2014 22:37

Windows XP hold-outs, pay attention. If you run the Java runtime on XP, it looks as if the current version is about as good as it gets. The next versions, 7u65 and 8u11, due to ship in the middle of July, will not support or run on XP.

Bolware payment malware swindles Brazilians out of staggering $3.75 billion, says RSA

By John E Dunn | 05 July, 2014 00:22

Brazilians using the country's Boleto Bancário money payment system could have been swindled out of as much as a staggering $3.75 billion (£2.2 billion) by a piece of malware called 'Bolware', according to a new analysis by security firm RSA Security.

MiniDuke state cyber-weapon re-used Russian 'Cosmu' Trojan, F-Secure says

By John E Dunn | 05 July, 2014 00:16

Some versions of the mysterious MiniDuke malware discovered last year targeting European governments shared code with a Trojan tracing its origins back to the early years of the commercial Internet, a new analysis by Finnish firm F-Secure has found.

Expert slams HotelHippo booking website after finding multiple security woes

By John E Dunn | 04 July, 2014 02:06

UK-based hotel booking website HotelHippo has been taken offline after a casual examination by a security expert uncovered an extraordinary catalogue of security problems, including leaking customer data to the Internet.

AlienVault expands OTX crowdsourced threat system with rogue traffic detection

By John E Dunn | 02 July, 2014 22:53

Security firm AlienVault has added a new feature to its Open Threat Exchange (OTX) crowdsourced intelligence-sharing system which allows organisations to monitor their networks for rogue traffic entering or leaving.

US breach-o-rama continues as Butler University admits 163,000-person hack

By John E Dunn | 02 July, 2014 18:50

Butler University in Indianapolis has told 163,000 staff and students, including those connected to the institution in the past, that a data breach dating back to 2013 could have compromised their personal details.


Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved poring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.