Stories by Lucian Constantin

Adobe Reader update patches vulnerabilities, removes bundled Flash Player

Adobe Systems released new versions of Adobe Reader 10.x and 9.x on Tuesday, addressing four arbitrary code execution vulnerabilities and making several security-related changes to the product, including the removal of the bundled Flash Player component from the 9.x branch.

Kaspersky launches free Flashback removal tool and website to check for infections

Antivirus vendor Kaspersky Lab has launched a free removal tool for the Flashback Mac OS X malware and a website where users can check whether their computers are infected with it.

Cybercriminals use Zeus malware to target cloud payroll services

Cybercriminals are using the Zeus online banking malware to target companies that use cloud-based payroll services, researchers from security firm Trusteer said Monday.

Web attacks use smart redirection to evade URL security scanners

Security researchers from antivirus vendor ESET have come across new Web-based malware attacks that try to evade URL security scanners by checking for the presence of mouse cursor movement.

Sophos takes down partner portal after signs of hacking

Security firm Sophos has taken its partner portal offline and will reset every user's password after it found signs of a potential security breach on the server hosting it.

Fast-growing Flashback botnet includes over 600,000 Macs, malware experts say

More than 600,000 Macs have been infected with a new version of the Flashback Trojan horse that's being installed on people's computers with the help of Java exploits, security researchers from Russian antivirus vendor Doctor Web said on Wednesday.

Rogue US Airways-themed emails distribute ZeuS-based malware

Cybercriminals are distributing a new piece of malware that's based on the ZeuS computer Trojan through rogue emails that masquerade as US Airways online check-in notifications.

Sophos buys mobile device management vendor Dialogs

Sophos has entered a definitive agreement to acquire Dialogs Software, a mobile device management vendor based in Dortmund, Germany, the security firm announced on Monday.

Mozilla adds vulnerable Java plug-in versions to Firefox blocklist

Mozilla has blacklisted unpatched versions of the Java plug-in from Firefox on Windows in order to protect its users from attacks that exploit known vulnerabilities in those versions.

Ice IX malware tricks Facebook users into exposing credit card details, says Trusteer

A new configuration of the Ice IX malware attempts to trick its victims into exposing their credit card details when they try to access their Facebook accounts, according to security firm Trusteer.

Adobe releases open source malware classification tool

Adobe Systems has released a malware classification tool in order to help security incident first responders, malware analysts and security researchers more easily identify malicious binary files.

Unpatched Java vulnerability exploited to infect Macs with Flashback malware

A Java vulnerability that hasn't yet been patched by Apple is being exploited by cybercriminals to infect Mac computers with a new variant of the Flashback malware, according to security researchers from antivirus firm F-Secure.

Kelihos gang is building a new botnet, researchers say

The cyber-criminal gang that operated the recently disabled Kelihos botnet has already begun building a new botnet with the help of a Facebook worm, according to security researchers from Seculert.

Do-it-yourself plan to take down Sality botnet outlined on public mailing list

A method that anyone can use to hijack a massive multipurpose botnet called Sality was described in detail on a public mailing list on Tuesday.

Malware infects Macs through Microsoft Office vulnerability

Security researchers have encountered new email-based targeted attacks that exploit a vulnerability in Microsoft Office to install a remote access Trojan horse program on Mac OS systems.