News & Features
Google has disclosed that it has, for the last year, been using a system called Bouncer to scan the Android Market for malware and says there was a 40% decline in downloads of malicious software in 2011
The lure was a well-made invitation to a prestigious conference which then injected spyware into employees' computers
In late 2011, the US corporation notified the authorities of several intrusions into its IT systems in 2010. However, no important information is believed to have been stolen
Following a joint operation by Microsoft and Kaspersky Lab last September to disrupt Kelihos, the spam-sending botnet is now said to be making a comeback and using new techniques
Android applications running on some HTC smartphones can access the passwords of the Wi-Fi networks they are connected to and potentially send that information to third parties. HTC has released updates for the affected devices
The company has released Mac OS X 10.7.3 and, for users who have yet to upgrade from 10.6.8 to Lion, Security Update 2012-001. The updates address more than 50 security vulnerabilities that could be exploited to, for example, remotely execute arbitrary code
Mozilla has detailed the security fixes included in the recent updates to its Firefox web browser, Thunderbird email client and SeaMonkey suite. Version 10.0 of Firefox, for example, closes 8 holes, 5 of which are rated as critical
At a conference, Kristin Paget demonstrated how easily RFID-enabled credit cards can be used to make a payment without requiring any card owner interaction
Following the Carrier IQ controversy, a legislative initiative aims to give US mobile phone users more control over their data. In future, users would have to explicitly consent to the installation of information-collecting software
The addition of a debug option to the widely used sudo command introduced a flaw which could allow an attacker to gain root privileges by using a symbolic link to change the name of the command
What Symantec calls malware is really applications participating in an aggressive ad network, says Lookout security
The new technology for signing Git pull requests is an indirect consequence of the break-in at kernel.org.
MIDI music on web pages is providing the soundtrack to malware exploiting a vulnerability in Windows multimedia to install a rootkit
A small memory leak on every connection to the Samba file sharing daemon could be exploited to create a denial of service. A patch and an update have been released
Symantec warns that 13 Android apps are infected with malware that accesses data on smartphones and tablets and changes the start page in the browser
In the last seven days: Linux 3.3 goes into testing, Ubuntu 12.04 gets a new HUD and a Linux root exploit surfaced. Also KDE 4.8 and a stable release of Cinnamon arrived, jSlate was open sourced and the 6502 microprocessor relaunched
Attackers can remotely execute code with system privileges as a result of a known bug in the Telnet daemon telnetd
Version 0.10 of FFmpeg adds several new encoders and decoders, as well as new filters and tools. The latest stable release also closes 15 security holes
The Microsoft Malware Protection Center has discovered a trojan downloader that only downloads and executes malicious code in RAM, making it difficult to detect
The security services provider recommends using the remote control software only if absolutely necessary
The Apache Shiro application security framework is updated to give better password hashing and storage, more control over sessions and filters, and Guice and OSGi support
A memo from the US TSA says that, in December 2011, hackers disrupted the railway schedules of one unnamed railway operator in the Northwest
An O2 user found that the mobile carrier was adding his phone number to the headers of HTTP requests he made over the 3G network. The problem appears to affect all users of O2, GiffGaff and Tesco Mobile but it isn't a new issue
Security expert HD Moore scanned around 3% of all publicly accessible IP addresses looking for video conferencing systems and managed to monitor corporate board rooms, inmate-lawyer consultation areas and research facilities
In support of Polish NGOs fighting Poland's plan to sign up to the ACTA anti-counterfeiting agreement, Anonymous has called on hacktivists in Poland to stop denial of service attacks on government sites