Ever since Stuxnet was discovered, most of the accusing fingers have been pointed at the US, Israel or both, whether or not there was any evidence; it was hard to ignore malware that seemed tailor-made for wrecking Iranian centrifuges and slowing down the country's nuclear development. As it turns out, Occam's Razor is in full effect. An exposé from the New York Times matter-of-factly claims that the US and Israel coded Stuxnet as part of a cyberwar op, Olympic Games, and snuck it on to a USB thumb drive that infected computers at the Natanz nuclear facility. The reason we know about the infection at all, insiders say, is that it got out of control: someone modified the code or otherwise got it to spread through an infected PC carried outside, pushing Obama to either double down (which he did) or back off. Despite all its connections, the newspaper couldn't confirm whether or not the new Flame malware attack is another US creation. Tipsters did, however, deny that Flame is part of the Olympic Games push -- raising the possibility that there are other agencies at work.

[Image credit: David Holt, Flickr]

Stuxnet pinned on US and Israel as an out-of-control creation originally appeared on Engadget on Fri, 01 Jun 2012 14:48:00 EST. Please see our terms for use of feeds.

Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak.

No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.

Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time originally appeared on Engadget on Mon, 28 May 2012 17:07:00 EST. Please see our terms for use of feeds.

Mobile security researchers present Android Malware Genome Project at IEEE originally appeared on Engadget on Tue, 22 May 2012 22:13:00 EST. Please see our terms for use of feeds.

Normally, firewalls at cellular carriers are your best friends, screening out malware before it ever touches your phone. University of Michigan computer science researchers have found that those first lines of defense could be your enemy through a new exploit. As long as a small piece of malware sits on a device, that handset can infer TCP data packet sequence numbers coming from the firewall and hijack a phone's internet traffic with phishing sites, fake messages or other rogue code. The trick works on at least 48 carriers that use firewalls from Check Point, Cisco, Juniper and other networking heavy hitters -- AT&T being one of those providers. Carriers can turn the sequences off, although there are consequences to that as well. The only surefire solution is to either run antivirus apps if you're on a mobile OS like Android or else to run a platform that doesn't allow running unsigned apps at all, like iOS or Windows Phone. Whether or not the exploit is a serious threat is still far from certain, but we'll get a better sense of the risk on May 22nd, when Z. Morley Mao and Zhiyun Qian step up to the podium at an IEEE security symposium and deliver their findings.

Exploit uses firewalls to hijack smartphones, turns friends into foes originally appeared on Engadget on Tue, 22 May 2012 03:18:00 EST. Please see our terms for use of feeds.

Folks still rocking Apple's Leopard may have been feeling left out after Lion and Snow Leopard both got an update for addressing that Flashback malware. If you're one of them, you'll be glad to know that Apple has finally issued a Leopard fix that comes with a removal tool for the vulnerability afflicting its big cats. In addition to a 1.23MB Flashback update, Apple also released a second 1.11MB fix for Leopard that disables versions of Adobe Flash Player that don't have the requisite security updates. Both should further whittle down the number of Apple computers affected by the Flashback trojan. For the actual updates, feel free to pounce on the source links below.

Apple issues Leopard update with Flashback removal tool originally appeared on Engadget on Tue, 15 May 2012 04:01:00 EST. Please see our terms for use of feeds.

The Macintosh is an impenetrable fortress of malware-free computing, right? In recent years, we've certainly seen that image eroded a bit, thanks to a number of nasty outbreaks. And if you listen to Nikolay Grebennikov, the CTO of security software maker Kaspersky, things have the potential to be much worse. The executive told British site Computing that the company was invited to improve Cupertino's security, only to discover that, "Mac OS is really vulnerable." Grebennikov also had some rather unfortunate news for all the iPad and iPhone owners out there, telling the site, "Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS."

Update: So, this is turning into a whole "he said, they pubbed" situation. We reached out to Kaspersky earlier and just received a comment from the security company, which claims that the whole thing was simply taken out of context. Here's the statement. It's a doozy.

On Monday, April 14, computing.co.uk published an article titled "Apple OS 'really vulnerable' claims Kaspersky Lab CTO" that includes an inaccurate quote regarding Apple and Kaspersky Lab. The article reports that Kaspersky Lab had "begun the process of analyzing the Mac OS platform at Apple's request" to identify vulnerabilities. This statement was taken out of context by the magazine - Apple did not invite or solicit Kaspersky Lab's assistance in analyzing the Mac OS X platform. Kaspersky Lab has contacted computing.co.uk to correct its article.

Please refer to the statement below from Nikolay Grebennikov, Chief Technology Officer, Kaspersky Lab, which clarifies this misrepresentation:

"As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods. In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware.

This security analysis of Mac OS X was conducted independently of Apple; however, Apple is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis. Kaspersky Lab is committed to providing the highest level of security for all of our customers, including Mac OS X, and we will continue to enhance our technologies in order to meet the ever-changing threat landscape. "

Kaspersky exec calls Mac OS 'really vulnerable' (update: clarification from Kaspersky) originally appeared on Engadget on Mon, 14 May 2012 11:39:00 EST. Please see our terms for use of feeds.

Things have gotten interesting in the world of CS updates. Recently, Computerworld reported that Adobe had informed folks using an older version of its famed Creative Suite -- CS5 and CS5.5, to be exact -- they'd have to shell out the CS6 upgrade fee in order to get a fix for some recently discovered bugs. Apparently, Adobe took notice to its customers' dissatisfaction and updated its initial blog post with a changed tune, stating, "We are in the process of resolving these vulnerabilities in Adobe Photoshop CS5.x, and will update this Security Bulletin once the patch is available." The same is true for both Illustrator and Flash. This kerfuffle started after Adobe handed out warnings for eight "critical" vulnerabilities found in certain versions of the three applications -- some of which are said to be exploitable and could potentially be used to "take control of the affected system." We'll see how it all plays out over the upcoming days, but in the meantime hit the links below to see if you need to take any action.

James Trew and Joe Pollicino contributed to this post.

Adobe changes tune on CS5 updates, won't seek paid CS6 upgrade to patch vulnerabilities originally appeared on Engadget on Sat, 12 May 2012 23:59:00 EST. Please see our terms for use of feeds.

By now, we're all quite familiar with the Java-driven trojan that's affected thousands of Apple's rigs, and while the numbers seem to have drastically dropped since the first Cupertino fix, there's still a plethora of machines carrying the bug. According to Symantec, the number of infected computers is now at around 140,000, seeing a decline of over 460,000 since April 9th. Still, the security outfit remains puzzled by the fact, as it expected the digits to be somewhere near the 99,000 mark by now. Perhaps this is due to some folks not even being aware of Flashback's existence, or maybe not checking for software updates as often as most of us. Either way, we hope you've already used one of the tools Apple handed you.

Around 140,000 Apple machines still infected with Flashback malware, says Symantec originally appeared on Engadget on Wed, 18 Apr 2012 07:21:00 EST. Please see our terms for use of feeds.

Apple issues Flashback removal tool for 10.7 Lion systems not running Java originally appeared on Engadget on Sat, 14 Apr 2012 09:53:00 EST. Please see our terms for use of feeds.

Apple releases fix for Flashback malware originally appeared on Engadget on Thu, 12 Apr 2012 17:08:00 EST. Please see our terms for use of feeds.

Apple publishes support page for Flashback malware, is working on a fix originally appeared on Engadget on Tue, 10 Apr 2012 21:50:00 EST. Please see our terms for use of feeds.

OS X malware used to spy on pro-Tibetan charities, reminds us all to keep updated originally appeared on Engadget on Fri, 30 Mar 2012 17:26:00 EST. Please see our terms for use of feeds.

U.S. Department of Defense preps cyber rules of engagement, plans to work more closely with ISPs originally appeared on Engadget on Thu, 22 Mar 2012 08:44:00 EST. Please see our terms for use of feeds.

Continue reading Switched On: Mountain Lion brings iOS apps, malware traps

Switched On: Mountain Lion brings iOS apps, malware traps originally appeared on Engadget on Sun, 26 Feb 2012 18:00:00 EST. Please see our terms for use of feeds.

Google Chrome update brings speedier browsing, enhanced security, joy originally appeared on Engadget on Thu, 09 Feb 2012 03:22:00 EST. Please see our terms for use of feeds.

Google's 'Bouncer' service scans the Android Market for malware, will judge you at the door originally appeared on Engadget on Thu, 02 Feb 2012 15:30:00 EST. Please see our terms for use of feeds.

Google pulls Android Market malware that exploits SMS hole originally appeared on Engadget on Wed, 14 Dec 2011 09:33:00 EST. Please see our terms for use of feeds.

Windows Defender beta gains 'offline' functionality, can run sans-OS originally appeared on Engadget on Fri, 09 Dec 2011 13:56:00 EST. Please see our terms for use of feeds.

US Cyber Command completes major cyber attack simulation, seems pleased with the results originally appeared on Engadget on Fri, 02 Dec 2011 17:34:00 EST. Please see our terms for use of feeds.

WikiLeaks' Spy Files shed light on the corporate side of government surveillance originally appeared on Engadget on Fri, 02 Dec 2011 09:35:00 EST. Please see our terms for use of feeds.

Windows 8 gets automatic updates, enforced restarts after 72 hours of polite harassment originally appeared on Engadget on Tue, 15 Nov 2011 11:33:00 EST. Please see our terms for use of feeds.

Georgia Tech spies on nearby keyboards with iPhone 4 accelerometer, creates spiPhone originally appeared on Engadget on Fri, 21 Oct 2011 11:47:00 EST. Please see our terms for use of feeds.

US government to beat back botnets with a cybersecurity code of conduct originally appeared on Engadget on Fri, 23 Sep 2011 14:34:00 EST. Please see our terms for use of feeds.

Continue reading Looking back at a year of Android Malware

Looking back at a year of Android Malware originally appeared on Engadget on Fri, 12 Aug 2011 16:11:00 EST. Please see our terms for use of feeds.

New Android trojan can record phone calls, expose your embarrassing fantasy baseball talk originally appeared on Engadget on Tue, 02 Aug 2011 11:41:00 EST. Please see our terms for use of feeds.

Google pulls co.cc subdomains from search, brings our global malware nightmare to an end originally appeared on Engadget on Sun, 10 Jul 2011 14:17:00 EST. Please see our terms for use of feeds.

Continue reading Microsoft to malware: your AutoRunning days on Windows are numbered

Microsoft to malware: your AutoRunning days on Windows are numbered originally appeared on Engadget on Sat, 18 Jun 2011 21:17:00 EST. Please see our terms for use of feeds.

Don't bring your computer viruses to Japan, because they're illegal now originally appeared on Engadget on Fri, 17 Jun 2011 13:33:00 EST. Please see our terms for use of feeds.

More malware in the Android Market: Google removes 26 deleterious app doppelgangers originally appeared on Engadget on Wed, 01 Jun 2011 18:19:00 EST. Please see our terms for use of feeds.

Apple cracks down on MacDefender, prevents malware downloads with daily quarantine list originally appeared on Engadget on Wed, 01 Jun 2011 08:22:00 EST. Please see our terms for use of feeds.

Skype taken to task by angry users over claimed crapware payload (update: disabled for now) originally appeared on Engadget on Sun, 29 May 2011 19:37:00 EST. Please see our terms for use of feeds.

Samsung reportedly installing keylogger software on laptops (update: it's a false-positive) originally appeared on Engadget on Thu, 31 Mar 2011 06:07:00 EST. Please see our terms for use of feeds.

Visualized: preconceived notions about personal computer security originally appeared on Engadget on Thu, 24 Mar 2011 13:23:00 EST. Please see our terms for use of feeds.

Google spikes 21 malicious apps with big download counts from the Market (update: Android 2.2.2 and up are immune) originally appeared on Engadget on Wed, 02 Mar 2011 06:48:00 EST. Please see our terms for use of feeds.

Microsoft rolls out long, long-awaited Windows update to disable AutoRun for USB drives originally appeared on Engadget on Sat, 12 Feb 2011 23:44:00 EST. Please see our terms for use of feeds.

AT&T, Verizon, RIM get serious about security for mobile devices originally appeared on Engadget on Thu, 23 Dec 2010 13:22:00 EST. Please see our terms for use of feeds.

Google hacked site notification notifies you if your site is hacked (repeat this five times fast) originally appeared on Engadget on Sun, 19 Dec 2010 09:06:00 EST. Please see our terms for use of feeds.

Chrome sandboxes Flash Player in latest Dev channel release for Windows originally appeared on Engadget on Thu, 02 Dec 2010 05:50:00 EST. Please see our terms for use of feeds.

Mac malware survey finds mostly incompatible nasties originally appeared on Engadget on Wed, 24 Nov 2010 16:33:00 EST. Please see our terms for use of feeds.

Report warns of the increased use of SEO Poisoning to spread malware originally appeared on Engadget on Wed, 10 Nov 2010 16:34:00 EST. Please see our terms for use of feeds.