Security research firm NSS Labs has released an open source scanning tool that is capable of detecting all malicious drivers used by the new Duqu threat, according to its engineers. However, other security vendors believe that the malware's creators are capable of evading detection at any time.
Stories by Lucian Constantin
A hacking group called d33ds broke into the online shop of a rival hacker who sells unauthorized access to high-profile websites and data.
Romanian eBay hacker Vlad Duiculescu, known online as "Vladuz," lost the appeal to get his three-year suspended prison sentence reduced on Tuesday. The court also dismissed the appeal lodged by prosecutors regarding the hacker's acquittal on organized crime charges.
A server belonging to the Massachusetts Institute of Technology was commandeered by hackers who used it to launch attacks against other websites as part of a larger drive-by download campaign, according to antivirus vendor BitDefender.
Facebook's fake account detection mechanisms can be defeated 80 percent of the time with the help of automated tools, researchers from the University of British Columbia (UBC) have found after an eight-week test.
Danish vulnerability management company Secunia aims to make the task of reporting software vulnerabilities easier for security researchers by offering to coordinate disclosure with vendors on their behalf.
Security researchers from the CrySyS laboratory in Hungary have located an installer for Duqu, the <a href="http://www.pcworld.com/businesscenter/article/242114/duqu_new_malware_is_stuxnet_20.html">Stuxnet-inspired threat</a> that has kept the security industry on its toes for the past couple of weeks, and determined that it exploits a previously unknown vulnerability in the Windows kernel.
Researchers from Stanford University have developed an automated tool that is capable of deciphering text-based anti-spam tests used by many popular websites with a significant degree of accuracy.
A newly identified Mac OS X Trojan bundles a component that leverages the processing power of video cards (GPUs) to generate Bitcoins, a popular type of virtual currency.
A serious code injection vulnerability affecting timthumb, a popular image resize script used in many WordPress themes and plugins, has been exploited in recent months to compromise over 1 million Web pages.
The frequency of attacks that distribute fake antivirus software, a long-time pillar of the underground economy, has decreased considerably in recent months. However, security researchers warn that the industry is not yet dead and new versions of attacks continue to be released.
New social engineering attacks are tricking Facebook users into exposing anti-CSRF tokens associated with their sessions. These security codes allow attackers to make unauthorized requests through the victim's browser.
Czech based free domain provider dotFree Group has settled the lawsuit brought against it by Microsoft in the Kelihos takedown case by suspending all abusive hosts registered through its service and promising better collaboration in the future.
Security vendor Kaspersky Lab has identified infections with the new Duqu malware in Sudan and, more importantly, Iran, the main target of the Trojan's predecessor -- Stuxnet.
Researchers from the Horst Goertz Institute (HGI) of the Ruhr-University Bochum (RUB) in Germany have demonstrated an account hijacking attack against Amazon Web Services (AWS) that they believe affects other cloud computing products as well.