More Malware and Vulnerabilities News

Is cloud-based security really less expensive?

Businesses in new study were five times more likely to have decreased spending on managing security over three years as a percentage of their overall IT budget.

Android hackers hone skills in Russia

The malware business growing around Google Android -- now the leading smartphone operating system -- is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers.

Microsoft anti-bloatware service to apply to Windows 8 PCs, too

A Microsoft in-store program that scrubs "bloatware" from Windows PCs will also be offered when Windows 8 machines reach the market later this year, a company representative said.

Google releases Chrome 19, adds tab sync and patches 20 bugs

Google released Chrome 19, patched 20 vulnerabilities in the browser and doled out $16,500 in bug bounties and rewards to independent researchers.

Wikipedia warns users about malware injecting ads into its pages

Rogue browser extensions might inject commercial ads into Wikipedia pages, Wikimedia Foundation said

Apple ships first Leopard security update in nearly a year

Apple on Monday issued its first security-related update for OS X 10.5, or Leopard, in nearly a year, to disable long-outdated versions of Adobe's Flash Player.

Adobe backpedals, will now patch software for free

After being pummeled by customers and security experts for telling users to spend hundreds of dollars on upgrades because it wasn't going to patch critical bugs in older versions of its software, Adobe has reversed course.

Adobe: Pay upgrade price to patch critical bugs

Adobe has told users of its Creative Suite, which includes the company's premier products like Photoshop and Illustrator, to spend $375 to upgrade if they want patches for eight critical vulnerabilities.

Amnesty International UK website compromised

The U.K. website of Amnesty International, a human rights watchdog organization, was compromised by hackers, who used it to infect visitors with a remote access Trojan horse program known as Gh0st RAT.

Police-themed ransomware targets U.S., Canadian users

A ransomware application that locks computers and asks their owners to pay fines for allegedly violating several laws through their online activity is targeting U.S. and Canadian users, malware experts from security firm Trend Micro said on Wednesday.

PHP patches actively exploited CGI vulnerability

The PHP Group has released PHP 5.4.3 and PHP 5.3.13 on Tuesday in order to address two remote code execution vulnerabilities, one of which is being actively exploited by hackers.

Microsoft security patches include fixes for Word, Office, Windows

Microsoft has fixed 23 vulnerabilities in its software products, including several considered critical, the company said on Tuesday in its monthly security patch report.

CERT warns of targeted phishing attacks against gas pipeline firms

The United States Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued a warning about an active "spear phishing" campaign targeting companies in the natural gas pipeline sector.

PHP will try again to patch chip flaw

The PHP Group plans to release new versions of the PHP processor on Tuesday in order to patch two publicly known critical remote code execution vulnerabilities, one of which was improperly addressed in a May 3 update.

Google Raises Bug Bounties to $20,000

Google has dramatically raised the bounties it pays independent researchers for reporting bugs in its core websites, services and online applications.

Android malware used to mask online fraud, says expert

Android malware being automatically distributed from hacked websites looks like it's being used to mask online purchases, and could be part of a fraud gang's new push into mobile, researchers said today.

Adobe patches new Flash zero-day bug with emergency update

Adobe today warned that hackers are exploiting a critical vulnerability in its popular Flash Player program, and issued an emergency update to patch the bug.

Microsoft boots Chinese firm for leaking Windows exploit

Microsoft identified a Chinese security partner as the source of a leak last March in its highly restricted vulnerability information-sharing program.

Microsoft plans big May patch slate for next week

Microsoft today said it would ship seven security updates next week, three critical, to patch 23 bugs in Windows, Office and its Silverlight and .Net development platforms.

Hackers blackmail Belgian bank with threats to publish customer data

Hackers claimed to have breached the systems of the Belgian credit provider Elantis and threatened to publish confidential customer information if the bank does not pay $197,000 before Friday.