The 2012 Internet Census published earlier this year revealed that embedded devices are facing serious security threats when connected to the Internet. The issue appears bigger than expected, according to Metasploit maker HD Moore’s presentation at AusCERT2013. Embedded devices – an umbrella term defining specialized appliances that run their own operating system such as GPS receivers, industrial equipment,...

The Japanese division of Yahoo may have leaked roughly 22 million user IDs in a hack targeted at their administrative system. According to a news report from SecurityWeek, the extent of the damage is still unknown, but the company presumes user data may have been exfiltrated from Yahoo! Japan servers. "We don't know if the file was leaked or not, but we can't deny the possibility given the volume of traffic...

The Bitdefender labs are currently working on an analysis of a Mac OS X backdoor that has been discovered by independent security researcher Jacob Applebaum on an Angolan activist. The victim, who had fallen victim to a phishing scam, ended up installing a malicious piece of code that acts as a backdoor, taking screenshots, and then uploading them to the command and control center. While relatively basic, t...

Imagine you receive an e-mail from an unknown prince / political refugee  – the classic Nigerian scam of the past 10 years. You wouldn’t fall for that, would you? Imagine now a legit business proposal from a bank manager with all the credentials, work experience and peers. It’s not even disguised as a Nigerian operation - it’s a business proposition. And it’s on LinkedIn. We got such a message from an indiv...

A number of Dutch ministerial sites were brought offline for several hours by a massive distributed-denial of service attack. "The government's sites have been the target of a DDoS attack since last night around 8:00 pm,'' deputy director Robert Wester told the AFP. The sites remained offline throughout the night as IT teams tried to restore access to the affected services. This is not an isolated incident:...

If you tried to access Yahoo mail today, chances are that you saw at least once the Safe Browsing dialog instead of your inbox, as one of the advertisers showing banners on Yahoo has started serving malicious content. The malicious ads started showing up earlier this morning, when ad pusher eqads.com got blocked by Google Safe Browsing. A closer look into the incident revealed that the eqads.com site is red...

An article published in MacWorld earlier today about an iPhone application labeled as malicious has raised a number of concerns among users. Upon Ars Technica’s request, we looked into the issue and here’s a run-down of what we found: Sample MP3 header and metadata. Not related to this malicious incident. Today, an iOS user noticed that the $2 game Simply Find It developed by Simply Game is detected as pote...

A Skype user by the handle Ximer had his account stolen six times in a single day by a group of cyber-crooks. According to a post by the victim on the Skype Community forum, the attackers repeatedly conned the Skype support team into handing them control over Ximer’s account. To restore access to a lost account, the Skype support team asks the user to provide three to five contacts on Skype, one e-mail addr...

The FBI’s petition to plant spyware on suspects’ computers to harvest information helpful for an investigation has been dismissed by a judge in the U.S. District Court for the Southern District of Texas. The petition was sent in March, when the FBI sought a warrant to search a computer of an unknown suspect at an unknown location, in relation to e-banking fraud. According to Computerworld, the software woul...

An improperly implemented feature in popular voice-over-IP application Viber can help cyber-criminals to bypass the locking mechanism of smartphones. UPDATE: Viber has contacted us to announce an update that fixes the issue. Please make sure that you install the update from Google Play or from the company's product page. According to a report by BKAV, Android-based smartphones running Viber can be unlocked ...