US government is reviewing whether to use Kaspersky software, because Russia

Mention the US and Russia in the same sentence and the mind naturally wanders to three things: firstly, the alleged links between the Trump administration and Russia; secondly, whether or not the FBI investigation of these alleged links led to the dismissal of Comey; and thirdly, whether or not Russia interfered with the US election.

But now the US government is reviewing whether or not to continue to use Russian-made security software from Kaspersky. Defense Intelligence Agency director Vincent Stewart says "we are tracking Kaspersky and their software." He does not elaborate or give reasons, but there have been -- as yet unsubstantiated -- claims that Russia has been using Kaspersky software to spy on America. The director of the NSA is "personally involved" in monitoring the company.

HP audio driver package comes with a built-in keylogger

ModZero security researchers have uncovered an unexpected behavior in an HP audio driver. The package, which is offered by the electronics maker through its website, secretly registers "all keyboard input," effectively working as a keylogger. Question is, is this a bug or a feature?

It is not abnormal for an audio driver to watch for certain key presses: if you press the volume down button on the keyboard, for instance, the driver needs to intercept that keystroke so it does what you asked it to. But it is uncommon for one to cast such a wide net and, as a result, put users' private information, like usernames, passwords, personal communication and so on, at risk.

Majority of UK workers blindly open email attachments

Come on, people. We’re almost halfway through 2017, and you’re still opening shady email attachments? Glasswall Solutions seems to think so. As a matter of fact, its new report says UK workers are "too trusting" of email attachments.

More than half, 58 percent, "blindly" open email attachments from unknown sources. Three quarters, 75 percent, recognize how often they get shady emails. Just 16 percent think they should be worried about a cyber-attack.

Newsletter bombs are the new DDoS

So-called 'newsletter bombs' are increasingly being sent to the publicly known email addresses of journalists, companies, and also dot-gov email addresses. These attacks send thousands of fake newsletter sign-up emails to targeted email addresses, rendering the attacked mailbox useless.

According to German secure email service Tutanota, which had its own main contact address targeted, these attacks are easy to execute because most newsletter sign-up forms have no protection against malicious bot sign-ups.

Ransomware continues to dominate the cyber threat landscape

A new report from Panda Security's PandaLabs research arm reveals that real-time attacks that involve direct interaction with the victim are on the rise.

It also shows the increasing professionalism of cyber criminals. Highly specialized groups are forming in fields like the creation and distribution of malware and exploits. An example covered by PandaLabs is the RDPatcher attack, the purpose of which is to put the victim’s computer up for sale on the black market for use in a bot network.

Word vulnerability, Windows bug, and 'Trump's_Attack_on_Syria' document used in Sednit phishing attack

The Sednit group, believed to have been involved in interference with the French election, was also responsible for a phishing attack that used President Trump to lure in victims. Security firm ESET analyzed a phishing email with an attachment named Trump's_Attack_on_Syria_English.docx and found that it had the hallmarks of the well-known group.

The document was engineered to infect victims' computers with the Seduploader tool, and it did this by exploiting two vulnerabilities, one in Microsoft Word, and one in Windows. Sednit -- previously known as APT28, Fancy Bear, and Sofacy -- took advantage of a recently discovered Remote Code Execution vulnerability in Word (CVE-2017-0262) as well as a security hole in Windows (CVE-2017-0263) in executing the attack.

Netrepser malware targets government agencies

Researchers at cyber security firm Bitdefender recently unveiled a new targeted attack and named it Netrepser. What makes this threat different from other APTs (advanced persistent threats) is that it was built with readily available software tools.

The goal of Netrepser, according to Bitdefender, is to steal data from government agencies. There is no information on which agencies were targeted. Netrepser uses multiple methods to get its tiny digital hands on the victim’s information, from keylogging, to password theft, to cookie theft. At the very heart of this tool is a "legitimate, yet controversial" recovery toolkit provided by Nirsoft.

Serious app permissions flaw will not be fixed until Android O, leaving users at risk

The security of Android has been questioned many times, but the general thinking is that installing apps from Google Play offers a decent level of protection. But research by Check Point shows that this is not the case due to a flaw in permissions.

The permission model used by Google grants apps installed from the Play Store extensive access, and opens up the risk of malware, ransomware and other threats. Google is aware of the problem, but does not plan to address it until the release of Android O, meaning that an unknown number of apps pose a risk to millions of users.

McAfee will provide protection for a range of Samsung products... including TVs

We live in strange times when security software is needed for TVs -- although given recent WikiLeaks revelations, it's perhaps not entirely surprising -- but this is precisely what McAfee is providing. The security firm today announces an expansion of its partnership with Samsung, and this sees the company providing protective software that will be pre-installed on a range of devices.

As well as smart TVs, McAfee will also be offering security software for Samsung PCs and smartphones. A recent survey by McAfee found that consumer concerns "underscore the need for robust cross-device security," but is the company using this as a money-making venture?

Ransomware remains profitable as 47 percent fall victim to attacks

Ransomware is one of the most successful and profitable weapons in the cyber criminal's armory, partly because it leverages an old-fashioned crime in a new digital format.

A new study by Barracuda Networks reveals that 92 percent of people surveyed are concerned about ransomware hitting their organization, and 47 percent of respondents have been a victim of ransomware themselves.

New solution aids forensic investigation of mobile devices

Whether it's due to a specific cyber attack, theft of data, or a wider criminal investigation, it's increasingly necessary to be able to capture evidence from mobile devices.

Forensic investigation software specialist Guidance Software is launching a new version of its EnCase product aimed at safely gathering data from mobiles.

Comodo launches free enterprise threat analysis

Data breaches not only cost businesses money in the short term, they can also cause long-term reputational damage as stolen details turn up for sale in dark corners of the internet.

Cyber security company Comodo is offering enterprises with more than 1,000 employees a free 'Company Threat Analysis' to determine if their sensitive information is for sale on the Dark Web and, if so, how to prevent compromises from happening again.

Open source password strength meter could help boost account security

It's no secret that most people are rubbish at choosing passwords -- it's something that's proved time and time again when the annual list of common passwords is released. To help overcome the problem, and hopefully increase the security of people's accounts, a team of researchers from Carnegie Mellon University and the University of Chicago have created an open source password meter that provides advice about how to strengthen a password.

While it's quite common to encounter online forms that require you to create passwords that meet certain criteria, it still does not necessarily mean they are secure. CyLab Usable Privacy and Security Laboratory (CUPS), in conjunction with the Institute for Software Research, has created a tool that provides real-time feedback that helps to explain why a password is insecure, and offers tips about how to strengthen it.

Online daters receive explicit emails after Guardian Soulmates website suffers data breach

A number of people who were members of the dating website Guardian Soulmates had their email addresses exposed following a data breach. The exposure of usernames and email addresses led to some users receiving explicit emails.

Human error has been blamed for the breach, with site owner Guardian News and Media (GNM) saying that the problem stemmed from a third-party technology provider. The issues meant that private details were made available via users' public profiles.

Google Project Zero security researchers discover 'crazy bad' Windows exploit

Google’s Project Zero identifies bugs and security flaws in commonly used software, and gives firms 90 days to patch them before going public. This is an approach which doesn’t always go down well -- a case in point being when Google recently released details of a Windows bug after Microsoft failed to patch it in time.

Now two Project Zero security researchers claim to have found a new critical remote code execution (RCE) vulnerability in Windows which they describe as the "worst in recent memory" and "crazy bad".
