Fahmida Y. Rashid

Researchers have analyzed a new piece of malware that masquerades as a PDF document and executed malicious code when opened. What makes this Trojan unusual is that it targets Macs. Sophos and F-Secure discovered the Trojan, which uses a “double extension” trick where a second file extension is added to the file to hide the […]

Major Spear phishing attacks continued to make headlines in the past week. Japan’s largest defense contractor, Mitsubishi Heavy Industries, disclosed it had discovered more than 80 servers and computers had been infected with several types of malware in its headquarters, manufacturing plants and shipyards around the country.As the company continued its investigation and was criticized […]

More than 400 Websites hosted with domain registrar GoDaddy were compromised, redirecting unsuspecting visitors to a malicious site. It appears the sites were hit by a spear-phishing attack and the attackers could have done far greater damage, security researchers said. “Many” sites hosted on GoDaddy servers had their Apache configuration files modified to include rules […]

Wave Systems has acquired Israeli company Safend for approximately $12.8 million to expand its portfolio of security and encryption products. The Cupertino Calif-based paid $1.1 million in cash and 5.2 million shares of Wave Systems common stock, valued at $2.214 per share to close the deal, Wave Systems said Sept 22. The addition of Safend’s […]

Security researchers are set to unveil the attack tool capable of breaking the encryption algorithm that protects Websites. Hours before the presentation, cryptography experts provided recommendations on how to defend Websites from the exploit. Researchers Thai Duong and Juliano Rizzo are scheduled to demonstrate BEAST, the Browser Exploit Against SSL/TLS attack tool, at the Ekoparty […]

Researchers have uncovered a series of cyber-attacks targeting government agencies and research institutions around the world. But unlike recent high-profile incidents, China has not been blamed. Attackers targeted 47 victims including space-related government agencies, diplomatic missions, research institutions and companies located in 61 countries, including Russia, India, Mongolia, Vietnam and the Commonwealth of Independent States […]

As a scam, it’s fairly common for cyber-criminals to cold-call unsuspecting users to inform them of problems with their computers. Sometimes the callers claim to be Microsoft or one of the major PC vendors. More often, it is a company who claims to be a Microsoft partner or a company that offers “technical support services.” […]

The Federal Bureau of Investigation disclosed on Sept. 22 that it made arrests in San Francisco and Phoenix of two alleged members of Anonymous and LulzSec. The LulzSec suspect, Cody “recursion” Kretsinger, of Tempe, Ariz., was charged with conspiracy and the unauthorized impairment of a protected computer, according to an unsealed federal indictment. Kretsinger is […]

To help organizations secure their virtualized environments, Rapid7 has updated its security framework to include virtual machine scanning and automated scanning. Nexpose 5 scans both physical and virtual environments to help identify and mitigate potential security risks, Rapid7 said Sept. 20. It also includes malware intelligence to identify vulnerabilities. As organizations shift applications to virtualized […]

Radware’s latest anti-attack system is designed to help organizations detect and defend against attacks in real time. The Radware Attack Mitigation System offers both attack detection and mitigation technologies on a single platform, Radware said Sept. 21. The system protects application infrastructure to prevent network and application downtime, application vulnerability exploitation, malware spread, information theft, […]