Week in review: First Android bootkit, Global Payments breach, and how to do BYOD the right way
Here’s an overview of some of last week’s most interesting news, podcasts, interviews, videos and articles: Penetration testing tips, tricks and unusual situations …
SMS-controlled Android malware records calls
Researchers at NQ Mobile Security have discovered a new piece of Android malware that receives instructions, i.e. is controlled, via SMS. Dubbed TigerBot, the Trojan hides by …
Sophos finds unauthorized RATs on server, takes partner portal offline
Renowned security firm Sophos has taken down one of its partner portals (located at ) following the discovery of a compromise of the server on which it’s hosted. …
Searching for Easter eggs leads to malware
Blackhat SEO is a popular tactic for malware peddlers to distribute their wares to unsuspecting victims, and the weeks before major holidays are always a perfect time for …
Microsoft to release four critical bulletins
The Microsoft Security Bulletin Advance Notification for April 2012 contains six bulletins. The number of bulletins isn’t huge but the potential harm is great. Of the …
Polymorphic Facebook scam targets users
An insidious scam that can result in multiple malware downloads is currently targeting Facebook users, warns Bitdefender. It starts rather predictably, as users inadvertently …
It’s official, corporate passwords are cheap
Nearly 50 per cent of employees would readily sell their corporate passwords for less than £5, according to Ping Identity. 30% would do the deed for even less, happily …
Free malware scanning and blacklist monitoring for websites
Comodo released SiteInspector, a free malware scanning and blacklist monitoring for websites. The free service allows website owners to set up recurring, daily checks on any 3 …
Private cloud solution designed to meet compliance requirements
Terremark, a Verizon Company, launched Enterprise Cloud Private Edition. This private cloud solution is designed as a single-tenant environment to meet the security compliance …
Agentless deployment option for McAfee MOVE AV
McAfee announced a new agentless deployment option for McAfee MOVE AV solution which provides defenses against all types of physical and virtual attacks through a single high …
How Google Tests Software
Testing expert James Whittaker, a former Google testing leader, and two top Google experts reveal exactly how Google tests software, offering best practices you can use. How …
Microsoft gains innovative security ideas at a low cost
April 1 marked the deadline for submissions for this year’s edition of Microsoft’s BlueHat Prize competition and, according to Katie Moussouris, a senior security …
Featured news
Resources
Don't miss
- What makes a security program mature and how to get there faster
- EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
- Win-DDoS: Attackers can turn public domain controllers into DDoS agents
- How Brandolini’s law informs our everyday infosec reality
- From legacy to SaaS: Why complexity is the enemy of enterprise security