twoheadedboy writes: "Down in the dark web mobile malware pushers are getting active. TechWeekEurope has been handed evidence that one piece of malware called Perkele, which can infect Android, BlackBerry and Symbian devices, is being sold for as much as $15,000. The dealer is offering more than just the code — there are support and design services on offer too, as well as a choice of Regular and Lite versions of the malicious app. It is designed to work with PC banking Trojans, by intercepting SMS messages containing the secret code required to access bank accounts, providing that second factor in the authentication process. Meanwhile, the target thinks they are carrying out a legitimate session with their bank, unaware of the man-in-the-browser attack hitting them. Given how prevalent mobile malware is becoming, and how much money can be made from such schemes, it is perhaps no surprise Perkele is on sale for such a high figure."
twoheadedboy writes: "Kim Dotcom launched his new project Mega on Sunday, claiming it was to be "the privacy company". But it might not be so private after all, as security professionals have ripped it to shreds. There are numerous problems with how encryption is handled, an XSS flaw and users can't change their passwords, they say. But there are suspicions Mega is handing out encryption keys to users and touting strong security to cover its own back. After all, if Kim Dotcom and Co don't know what goes on the site, they might not be liable for copyright prosecutions, as they were for Megaupload, Mega's predecessor."
twoheadedboy writes: "Anonymous has said it will not take lightly this week’s actions against Wikileaks and Demonoid, one of the world’s oldest torrent-tracking websites which was shut down this week. Wikileaks sites remain down, including the main portal, wikileaks.org, and many of its mirror sites which are spread around the world, such as wikileaks.de in Germany. Julian Assange’s organisation claims to have been hit by a distributed denial of service (DDoS) attack. The websites have been down for almost a week now, but someone has come forward and taken responsibility for the sustained hit. An organisation going by the name of @AntiLeaks on Twitter claimed to be behind the DDoS. "Wikileaks survives through donations that pay for their cyber terrorism and Assange’s legal defense. We will continue to enforce a blockade on Wikileaks and it’s [sic] supporters whom attempt to raise donations on it’s [sic] behalf," the account holder tweeted. Anonymous said @AntiLeaks' actions meant "war", whilst pledging to attack Ukrainian authorities for taking down Demonoid."
twoheadedboy writes: "Blizzard, the games developer behind major titles like World of Warcraft and Diablo III, has admitted its network was hacked and user login information was stolen. It said there was no evidence credit card details or real names of customers were compromised, however the culprits managed to take “cryptographically scrambled” Battle.net passwords of North American users. Battle.net is Blizzard’s online multiplayer service, where players can compete with each other in some of the developer’s most popular titles. US gamers’ answers to personal security questions were also stolen, as were mobile and dial-in authenticators. For global users, it seems that just some email addresses were illegally accessed. Nevertheless, Blizzard has joined the sizeable list of companies who have had passwords stolen this year."
twoheadedboy writes: "A fresh piece of government-created malware has been spotted and it has a hidden payload that could cause carnage, security researchers have warned. Known as Gauss, it is believed to be the work of the nation state or states who created the Flame cyber espionage tool, meaning it is also related to the Stuxnet and Duqu malware. Stuxnet and Flame are both believed to have been created by the US and Israel, meaning those two countries have again been implicated in another cyber espionage campaign. The secret “warhead” contains an “unknown, encrypted payload which is activated on certain specific system configurations”, Kaspersky said. It has called for world class cryptographers to help figure out what the “special payload or time bomb” is in Gauss' USB data-stealing payload. Lebanon appears to be the main target, but a small number of infections have been seen in the US and elsewhere. Gauss can do all kinds of nasty things, but one of its chief aims is to steal banking data — even from Citibank and PayPal customers. Kaspersky said it was the first time it had seen a government-created piece of malware try to steal banking information."
twoheadedboy writes: "Google has been clamping down hard on malicious websites as blacklisting of the most popular domains jumped 150 percent between May and July, according to data from security vendor Zscaler. From an average of 400 blacklisted sites in May, Google blocked access via its Safe Browsing service to over 1,000 in July, largely because they contained malicious code. Zscaler looked at the top 1 million sites based on number of visits according to ranking service Alexa. Most websites were cleaned up within a few days, although the average number of days a site was blocked over the three months stood at seven."
twoheadedboy writes: "After being hit by a "72-hour" DDoS in May, WikiLeaks is claiming to be under attack yet again. All its sites appear to be down and fingers have already been pointed at government entities. WikiLeaks, posting on Twitter, said it had its suspicions of why it was being targeted. It was either because of its ongoing releases related to Stratfor and Syria, or because of an upcoming release, Julian Assange's organisation speculated. The fact that everyone is currently engrossed in the Olympics may have given attackers good reason to target the websites right now, WikiLeaks said."
twoheadedboy writes: "Remember the Mariposa botnet? It was thought to have control over 11 million machines at the height of its power. Two years since it was shut down, Mariposa's alleged mastermind is on trial. Meanwhile, Spanish men believed to be part of the Mariposa operation are yet to face trial. However, one of the security researchers who led the charge against Mariposa expects their time will come later this year."
twoheadedboy writes: "Proving that the insider threat is something to be scared of, a former IT security chief at Lloyds Bank has pleaded guilty to committing fraud worth over £2.4 million against the financial institution. Jessica Harper, who was in charge of fraud and security for digital banking on an interim basis, was accused of submitting false invoices to claim payments over a four year period. She now faces a lengthy jail sentence, even though she is close to paying £1 million of the money back. Customers are not believed to have been hit."
twoheadedboy writes: "LinkedIn has confirmed the password theft that rocked the social networking company cost it between $500,000 and $1 million. Steve Sordello, chief financial officer at LinkedIn, said during a conference call that forensic work and “other elements” meant the company had to spend a significant amount. However, he denied that the breach had a significant material impact. In June, 6.5 million passwords were stolen and published online. Although protected with SHA-1 hashes, there was no salting, meaning the hackers were able to crack some of the login details."
twoheadedboy writes: "A health Trust in the UK has been slapped with a £175,000 fine after it published sensitive data of its own staff on the Internet. Torbay Care Trust in Torquay let a spreadsheet containing information such as religious background and sexual orientation remain open to everyone on its website for 19 weeks. Even though it said the data had not been used for malicious ends, the Trust accepted the fine and agreed to put additional measures in place to stop anything similar happening in the future. Still, goes to show how a simple mistake can end up costing you a lot when it comes to data protection."
twoheadedboy writes: "It appears the Apple support system might need a rethink, after a hacker managed to dupe workers in the AppleCare department into handing over iCloud login details. The snafu came to light when a former Gizmodo worker, Mat Honan, had his account compromised. The hackers used the information they had from the iCloud to attack other accounts belonging to Honan. That included a Twitter account that was linked to the Gizmodo Twitter profile, which had bafflingly started sending out offensive messages last week. Now Apple is being called on to sort out its support team processes."
twoheadedboy writes: "Iran may have been hit hard by Stuxnet, but officials have said that reports of a virus infecting its nuclear facilities and forcing computers to play the AC/DC classic 'Thunderstruck' were rubbish. Last month, F-Secure's chief research officer, Mikko Hypponen, was sent an email that appeared to be from a scientist working at the Atomic Energy Organization of Iran (AEOI), claiming nuclear systems had been targeted by cyber attackers. Whilst the chief of the AEOI has come out to deny those claims, the sender of that email still managed to get hold of an official aeoi.org.ir email address. That has left some onlookers baffled about what is going on."
twoheadedboy writes: "Yahoo is being sued by one of its users, who has claimed the US Internet company was guilty of negligence when 450,000 passwords of the members of the Yahoo Voices blogging community were posted online. Jeff Allan from New Hampshire has turned to a federal court in San Jose, California, after his eBay account, which used the same password as his Voices account, was compromised. The breach at Yahoo followed similar hits on LinkedIn and Nvidia, which together saw millions of passwords leaked."