Editor's News

Kaspersky Lab experts have published the results of their analysis of the mobile threat landscape in 2013 this week. The analysis has revealed that over 100,000 new malicious programs for mobile devices were detected in 2013, which is more than double the previous year’s figure of 40,059 samples. Perhaps unsurprisingly, Android was the most exploited with 98.1 per cent of all mobile malware detected in 2013 targeting Android devices; and approximately 4 million malicious applications...

Mobile World Congress is now underway and here is a round-up of the latest security news: It's no surprise that with the Snowden revelations and snooping allegations that have come to light, mobile security will be somewhat of a hot topic at this year's Mobile World Congress in Barcelona. Enter Blackphone, which runs on a customised version of Google's Android software and encrypts texts, voice calls and video chats. It will tap into the market...

The agenda for CRESTCon & IISP Congress, which takes place on 19th March 2014 at the Royal College of Surgeons in London, has been announced. Speakers at the event include: Ray Stanton, Executive Vice President at BT Global Services; Penny Allen, Head of Incident Response at BAE Systems Applied Intelligence; Julian Meyrick, Director, Security Services Europe at IBM; James Campbell, Cyber Threat Detection & Response at PwC; Stephanie Daman, CEO at Cyber Security Challenge and...

On Friday, Apple  released a patch for quite a substantial security vulnerability in its iOS operating system that meant hackers could read an modify encrypted communications on iPhone, iPad and other iOS devices. In an email to IT Security Guru, Mark Bower, VP at Voltage Security answers some important questions about what users should be aware of. What's the meaning of the flaw and what do users need to do now? The flaw basically means...

Zscaler, the global security cloud for the mobile enterprise, today announced a strategic partnership with Samsung Electronics Co., Ltd., to provide the industry’s first enterprise-ready mobile security solution. The deep integration of the Zscaler security cloud with Samsung KNOX, a secure Android platform for enterprise mobility, provides a streamlined, enterprise-ready solution for both Samsung and Zscaler customers. This enterprise-grade mobile security solution from Zscaler and Samsung is made possible by extending the security and compliance...

An analysis of security vulnerabilities in Small Office/Home Office (SOHO) wireless routers carried out by Tripwire shows that critical security vulnerabilities are endemic across the entire SOHO wireless router market.  The research, that surveyed 653 IT and security professionals and 1,009 employees who work remotely in the U.S. and U.K showed that a surprising number of IT professionals  and employees who work remotely do not use basic security controls to protect their wireless routers. Tripwire’s...

RSA, the security division of EMC, researchers have recently traced a forum post leaking the iBanking mobile bot control panel source-code. Apart from the server-side source-code, the leaked files also include a builder (a bash script) that can un-pack the existing iBanking APK file and re-pack it with different configurations, essentially providing fraudsters with the means to create their own unique application.   iBanking mobile bot is a relative new-comer to the mobile malware scene, and...

AlienVault researcher identifies Yara rules for detecting Careto malware components Last week, Kaspersky Lab released their research (Unveiling "Careto" - The Masked APT) on a fresh APT campaign, which is supposed to have been running for several years. The campaign has different pieces of malware designed for Windows and OSX systems, and also clues of components for Android and iOS devices. The main targets of this campaign are thought to be government, diplomatic and research institutions, as well as private...

Apple apps are more risky than Android when it comes to location tracking, sharing data with third parties and weak authentication. According to analysis by Appthority of 400 paid and free apps offered for both iOS and Android, 95 per cent of the top 200 free apps on iOS and Android exhibit at least one risky behaviour. While 80 per cent of paid-for apps demonstrate risky behaviour, Appthority said that iOS apps are riskier overall...

Cyber Ark is offering a free trial of a new tool that can identify and map exposed password hashes and vulnerable machines on a network. According to the company, CyberArk DNS (discovery and audit) is a patent-pending, lightweight, stand-alone tool that exposes the magnitude of privileged account security risks by enabling organisations to easily identify and analyse all privileged accounts across their network. CyberArk DNA v4 free trial licenses are currently available to all businesses...