A new version of a file-infecting malware program that's being distributed through drive-by download attacks is also capable of stealing FTP (File Transfer Protocol) credentials, according to security researchers from antivirus firm Trend Micro.
Microsoft has already received several vulnerability reports that qualify for monetary rewards as part of the company's bug bounty program launched in June for the preview version of Internet Explorer 11.
The organizers of the Defcon hacking convention have publicly asked U.S. federal government workers not to attend the event this year due to tension in the hacker community caused by the recent revelations about the U.S. government's electronic surveillance efforts.
Peter Sunde, the co-founder of BitTorrent search engine The Pirate Bay, is working on developing a secure mobile messaging app and service that's intended to be safe from government surveillance and be user friendly at the same time.
Technical details and a proof-of-concept exploit have been published for a recently announced Android vulnerability that potentially affects millions of devices and allows attackers to turn legitimate apps into Trojan programs.
The Brazilian government has formally asked the U.S. government for clarification regarding the alleged large-scale interception of electronic communications of Brazilian citizens by the U.S. National Security Agency.
Several members of the Icelandic Parliament introduced a bill Thursday that seeks to grant Icelandic citizenship to U.S. National Security Agency document leaker Edward Snowden, but the bill won't be discussed until September.
An online protest against the surveillance programs of the U.S. National Security Agency planned for July 4 was off to a slow start Thursday morning, despite expectations it would see participation from thousands of websites.
A vulnerability that has existed in Android for the past four years can allow hackers to modify any legitimate and digitally signed application in order to transform it into a Trojan program that can be used to steal data or take control of the OS.
A 30-year-old Bulgarian was extradited to the U.S. from Paraguay in order to face charges related to his alleged involvement in Shadowcrew, a large cybercrime forum that was dismantled by U.S. authorities in 2004.
A critical vulnerability that could allow remote attackers to access sensitive enterprise log-in credentials and other data was fixed last week in Crowd, a single sign-on (SSO) and identity management tool used by large organizations to simplify access to their internal Web applications and services.
ZRTPCPP, an open-source library that's used by several applications offering end-to-end encrypted phone calls, contained three vulnerabilities that could have enabled arbitrary code execution and denial-of-service attacks, according to researchers from security firm Azimuth Security.
A new variant of the Citadel financial malware uses in-browser injection techniques combined with extensive content localization to steal log-in credentials and credit card information from users in different countries, according to researchers from security vendor Trusteer.
Copyright 2014 IDG Communications. ABN 14 001 592 650. All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.