Stop Windows 10's keylogger from monitoring what you type, ink, and say

The 'keylogger' that's built into Windows 10 has gained something of a bad reputation -- but it's really a bit of a misnomer. Yes, there is a component that -- technically speaking -- tracks what you input using the keyboard, screen, mouse, voice, and stylus... but it's a bit more complicated than that. It is not really a keylogger in the sense that the malware term usually implies.

Microsoft openly admits that "when you interact with your Windows device by speaking, writing (handwriting), or typing, Microsoft collects speech, inking, and typing information". It's done with the intention of improving the accuracy of suggestions, providing a personalized experience, and so on. But we live in an age where privacy matters. If you are concerned about the privacy implications of this component of Windows 10, you can disable it. Here's how.

Attackers bundle an old version of TeamViewer to exploit vulnerability

We're used to seeing malware that exploits unpatched vulnerabilities in software. But in a new twist attackers are bundling an old version of remote access package TeamViewer with their malware in order to take advantage of a flaw.

The malware known as TVSPY has been uncovered by researchers at security company Damballa. While the current version of TeamViewer has fixed this vulnerability, the bundled version works independently of any existing TeamViewer installation on the target PC.

'Extremely critical' OS X keychain vulnerability stealthily steals passwords via SMS

Two security researchers have discovered a serious vulnerability in OS X that could allow an attacker to steal passwords and other credentials in an almost invisible way. Antoine Vincent Jebara and Raja Rahbani -- two of the team behind the myki identity management security software -- found that a series of terminal commands can be used to extract a range of stored credentials.

What is particularly worrying about the vulnerability is that it requires virtually no interaction from the victim; simulated mouse clicks can be used to click on hidden buttons to grant permission to access the keychain. Apple has been informed of the issue, but a fix is yet to be issued. The attack, known as brokenchain, is disturbingly easy to execute.

Your new smartphone could ship with malware

Receiving a new smartphone with malware pre-installed is unlikely, but this is exactly what has happened with handsets from well-known brands sold by some third-party sellers in Asia and Europe. Consumers expect them to run factory software, so it is unlikely that they will check to see whether it has been modified prior to using their account credentials and storing sensitive information, making this kind of infection extremely dangerous.

Security firm G Data has discovered malware on more than 20 smartphone models which were advertised as new. And we are not talking about no-name brands. Among other companies, Huawei, Lenovo and Xiaomi, top-tier vendors, have had their devices infected prior to the sale.

New AudioEffect vulnerability affects every version of Android back to 2.3

Stagefright was one of the biggest and most worrying security vulnerabilities to be discovered in Android for quite some time. Affecting the mediaserver component, Stagefright allowed for the remote bricking of devices with nothing more than a message. Now a new, yet-to-be-named vulnerability has been discovered in the same component, specifically the AudioEffect element.

Known as CVE-2015-3842, the vulnerability allows a hacker to run their own code on a phone using whatever permission they want. Security researchers at TrendMicro discovered the vulnerability and explain that it can be exploited by simply tricking users into installing a specially-designed app that has no permission requirements and is therefore unlikely to raise suspicions.

FixMeStick: Eliminating malware with a USB drive [Review]

We all know that virus infections are a pain. Not only do they disrupt your work, they can also be hard to remove, as they often prevent you from downloading or running cleanup tools or even from accessing Windows.

If you don’t have access to a friendly geek with the right tools you can be faced with hours of work or even having to wipe out and reload your machine.

Lenovo BIOS tool prevents clean installs of Windows by downloading crapware

Lenovo is no stranger to bloatware, but the latest crapware calamity is cut from a slightly different cloth. In a bid to ensure that its software is installed on its computers, Lenovo BIOSes feature a tool that automatically downloads and installs bloatware even after a clean installation of Windows.

The issue is not entirely new, having been brought to light on Ars Technica's forums, but there is renewed interest in the topic following the launch of Windows 10. Lenovo is making use of a little-known feature called the Windows Platform Binary Table which can be used by manufacturers to stealthily install software via the BIOS. The 'feature' is seen by many as amounting to little more than a rootkit, and blame has been laid at the doors of both Lenovo and Microsoft.

Malvertising becomes a billion dollar problem

According to a new report by endpoint security specialist Invincea, malvertising is causing more than $1 billion worth of damage each year.

Based on data gathered in the first six months of this year, the company detected and blocked approximately 2,100 malvertising attacks against its customers, representing 2.1 million malicious advertisements. Invincea estimates this caused $525 million of damage in repair and recovery expense, excluding the impact of any data breaches.

Facebook's privacy settings allow for harvesting data through mobile numbers

If you've added your mobile number to your Facebook account, you might want to reconsider in light of a new security exploit. A software engineer was able to access user data just by entering their mobile number. Profile pictures, names and locations were all accessible even for users who had not made their number public.

There is potential for such harvested data to be misused by malicious parties, as it provides an easy way to link a mobile number to an individual. Reza Moaiandin was able to use a special tool to quickly generate tens of thousands of numbers which, when passed through a Facebook API, fed back the associated user profiles.

Today's top malware threats -- are you prepared?

Today, data breaches are nothing short of the norm. Organizations like Target, Home Depot, and even the United States Government have fallen victim to cyber criminals illegally accessing and tampering with the sensitive data in their private systems. While cloud computing has simplified the way organizations manage data, it has also made it easier than ever for hackers to gain access to systems and get their hands on critical corporate information.

Of all the players taking part in today’s cyber crimes, malware authors are among the most powerful. Not only are they able to create new ways to steal sensitive information, they are also making the existing types of malware stronger and more effective. As malware becomes increasingly sophisticated, more and more household names and large corporations are becoming data breach victims. As a result, headlines are flooded with news of the latest threats to be on the lookout for. Here are some of the top malware threats that companies should have on their radar and be prepared for.

Macs are vulnerable to Thunderstrike 2 firmware malware that survives formatting

Macs have long been touted as being immune to viruses and malware -- but there have been plenty of vulnerabilities that show this to be a fallacy. Apple's own claims that its hardware was not susceptible to the same firmware security flaws as PCs served only to encourage people to prove the company wrong.

At Black Hat USA on Thursday, researchers will demonstrate that not only can Macs be remotely infected with malware, but that this malware can survive a user formatting the system. In a talk at the InfoSec event in Las Vegas that focuses on all manner of security topics, Trammell Hudson, Xeno Kovah, and Corey Kallenberg will show that Macs are just as vulnerable to remote attacks as PCs using the Thunderstrike 2 backdoor.

The 12 most-destructive viruses [Infographic]

The world of computer viruses has changed drastically over the last 25 or so years. In the early days, internet users were very naïve towards email attachments, contributing to the alarming speed that viruses could spread across the globe.

These days, viruses very rarely land in our inboxes due to preconfigured firewalls and strict measures from the likes of Gmail and Outlook.

New version of RIG exploit kit sees 34 percent attack success rate

At the beginning of this year the RIG exploit kit had its source code leaked online by an unhappy reseller. This led to a hit in its success rate as security company Trustwave published details of its workings.

Trustwave has revealed today at BlackHat that RIG's authors have been working on a new RIG 3.0 version. The company's researchers say there are now up to 1.25 million victims worldwide and more than 3.6 million attack attempts, a remarkable success rate of 34 percent.

Most malvertising attacks come from news and entertainment sites

Since news and entertainment websites are amongst the most popular on the net, it's not surprising that they're more likely to play host to malicious adverts.

A new report by Bromium Labs reveals that more than half of malvertising is unknowingly hosted on news and entertainment websites. 58 percent of online adverts with hidden malware were delivered through news websites (32 percent) and entertainment websites (26 percent). Major websites unknowingly hosting malvertising included cbsnews.com, nbcsports.com, weather.com, boston.com and viralnova.com.

Check your computer for Hacking Team malware with these essential security tools

When Hacking Team was hacked, a massive cache of data was leaked, including the source code for government-strength surveillance tools. Hacking Team warned that the code could have fallen into terrorist hands, but then backtracked slightly to say that any code that had been obtained was incomplete and out of date.

We already know that the company managed to sneak malicious apps into Google Play, and you might be concerned that some of its malware has made its way onto your computer. To help put minds at rest -- hopefully -- Rook Software has released a tool to seek out Hacking Team malware.
