malware | Betabeat

By Steve Huff 11/08/12 5:11pm

Stuxnet's command and control. (Krebs On Security)

Out in the Wild, Government-Created Stuxnet Virus Now Infecting Corporations

In Stephen King’s apocalyptic horror novel The Stand, a government-created virus escapes into the wild and kills most of the people on Earth. About two years ago, a similar scenario almost came true–but, fortunately for living creatures the bug was the U.S.-and-Israeli-made Stuxnet malware. The unintended victim was Chevron’s computer network.

Stuxnet was the highly sophisticated worm that successfully infiltrated Iran’s nuclear enrichment plants in 2010. According to The Wall Street Journal, Stuxnet wasted no time infecting friends as well as foes: Read More

By Steve Huff 11/06/12 11:59am

Hack Hack Hack Hack It Apart

Cybersecurity Experts Concerned Hackers Could Steal Your Email Vote

Superstorm Sandy washed and blew away some polling places and displaced thousands of residents in New York and New Jersey. New Jersey, in an effort to make sure every voice is heard, has enabled voting via email.

New York didn’t want to go with the email voting option because officials feel it might be vulnerable to fraud.

Writing in Norman’s “Security Exposed” blog, Norman’s vice president and GM Darin Andersen examines the problem of email voting.

Mr. Andersen writes that polling machines may have their own security problems but admits there hasn’t been reliable evidence of hacker interference in previous elections. However, Mr. Andersen is wary of email voting: Read More

By Steve Huff 10/17/12 11:58am

Malware Mischief

Many Hospital Medical Devices More Badly Infected Than the Patients They Monitor

Even in the best hospitals there is a danger of acquiring vicious bugs like flesh-eating bacteria, pneumonia or even a new strain of tuberculosis. MIT’s Technology Review blog reports that medical facilities nationwide are now dealing with an entirely different class of bugs: malware.

Computerized equipment manufacturers apparently have an affection for out-of-date versions of Windows that may eventually put entire hospital computer networks in jeopardy.

Speaking last week in a Washington, D.C., meeting of a medical device panel, security expert Kevin Fu was unequivocal: Read More

By Steve Huff 10/16/12 6:24pm

Malware Mischief

Mr. Kaspersky not looking supervillain-like at all. (Photo: flickr.com/cebitaus

Kaspersky Lab is Working on its Own Super-Secure Industrial Operating System

Inspired by the behaviors of sophisticated malware such as Stuxnet, Flame, Duqu and Gauss, Russian billionaire and possible real-life Batman Eugene Kaspersky announced today that his Kaspersky Lab is developing a new operating system.

Mr. Kaspersky’s announcement wasn’t heavy on details about the OS, but security was obviously priority one. Acknowledging that Microsoft, Apple and the open source communities haven’t been able to create truly secure controls, Mr. Kaspersky basically said the problem with the previous systems was their universality: Read More

By Steve Huff 10/12/12 11:56am

SOPA Opera

SOPA Virus Kidnaps Computers for Ransom [Video]

Virus makers sometimes create what amount to digital versions of the creepy guy on the corner in a trenchcoat trying to convince kids to get in his ‘police van.’ The SOPA (Stop Online Piracy Act) virus is just the latest and worst example of this. It’s called ransomware, and it will lock down a victim’s computer and give them an ugly scare in the process.

TorrentFreak explains how the SOPA virus works: Read More

By Steve Huff 10/11/12 10:42am

Malware Mischief

Warning: ‘Mitt Romney Almost President’ Is a Malware Attack, Not a CNN Alert

SophosLabs reports that malware attacks tend to surge near major elections and the most recent is calculated to pull in anxious voters on either side of the political spectrum; a malicious email purporting to come from CNN declaring “CNN Breaking News–Mitt Romney Almost President.”

In a post on their NakedSecurity blog, Sophos explains why no one should click a link from an email like this: Read More

By Steve Huff 10/09/12 2:00pm

Malware Mischief

Chrome Users Fooled Into Installing Fake and Malicious Bad Piggies Browser Game

Google Chrome users who think they’re downloading a browser version of the Angry Birds-related Bad Piggies game could be in for a nasty surprise–just ask the 80,000 or more users who recently installed malicious Bad Piggies fakes directly from Google’s Chrome Web Store.

Geek.com refers readers to the Barracuda Labs Internet Security Blog, which details conclusions researchers made once they started pulling apart the real payload accompanying the scammy games: Read More

By Steve Huff 10/04/12 1:18pm

SCAMS

New Universal Exploit Lets Cyber Thieves Immediately Snatch Data From Browser Forms [Video]

Malware scammers are streamlining the process they use to steal vital information with a new exploit that works on any website, not just a mocked-up PayPal form. This newly-discovered exploit has been spookily dubbed “Universal Man-in-the-Browser,” or uMitB.

Past scams used plain old Man-in-the-Browser to lift stolen data. Man-in-the-Browser (MitB) extracts data from fake forms that look just like any online purchase page. Cons have to take log files of information gathered by a Man-in-the-Browser scam and sort it for vital information before selling it via black markets online. This need to parse the stolen data worked in the victim’s favor, as it gave anyone who realized they’d fallen for the ploy the time to cancel or close their accounts.

Universal Man-in-the-Browser eliminates the lag time between victim data entry and scammer data use and can pull from any web page. George Tubin, a senior security strategist at security vendor Trusteer, explained uMitB in more detal to CSO Online: Read More

By Steve Huff 9/28/12 3:41pm

Malware Mischief

Researchers Develop ‘Visual Malware’ for Android

Via Gizmodo we have learned of PlaceRaider, the scariest damn Android malware you never want hiding on your cuddly old pal, the full-featured smartphone.

Researchers at the US Naval Surface Warfare Center created PlaceRaider and have dubbed it “visual malware.” It was developed as a proof of concept but would also be a great idea to sell to producers seeking spy gadget ideas for the next James Bond film, because PlaceRaider hints at the future of covert surveillance: Read More

By Steve Huff 9/28/12 9:35am

Security

The HoneyMap Offers Real-Time Glimpse of Cyber Attacks as They Happen

The Honeynet Project has made monitoring the war in cyber space weirdly fascinating with its HoneyMap, which displays malicious attacks as they happen. The result is reminiscent of old animated maps from newsreels reporting on battles during World War II.

The Atlantic Wire explains how to read the HoneyMap: Read More

BetaBeat

Out in the Wild, Government-Created Stuxnet Virus Now Infecting Corporations

Cybersecurity Experts Concerned Hackers Could Steal Your Email Vote

Many Hospital Medical Devices More Badly Infected Than the Patients They Monitor

Kaspersky Lab is Working on its Own Super-Secure Industrial Operating System

SOPA Virus Kidnaps Computers for Ransom [Video]

Warning: ‘Mitt Romney Almost President’ Is a Malware Attack, Not a CNN Alert

Chrome Users Fooled Into Installing Fake and Malicious Bad Piggies Browser Game

New Universal Exploit Lets Cyber Thieves Immediately Snatch Data From Browser Forms [Video]

Researchers Develop ‘Visual Malware’ for Android

The HoneyMap Offers Real-Time Glimpse of Cyber Attacks as They Happen

Across the Wire

To Do Friday: Top Gun

Could a Mega Mansion Be In the Works On East 64th Street?

Permission to Splurge: Whole Foods Isn't Just About Where You Buy Your Food; It's About Who You Think You Are

Met's Renovated, Reinstalled European Art Galleries Bewitch

Photographers Finally Leave Anthony Weiner's Apartment Alone