
malware

Symantec: Russian criminals sell Web 'proxy' with backdoors

A black hat Russian operation has served malware to hundreds of thousands of users a year who thought they were signing up for a paid proxy service, Symantec said today.

The security company said in a blog post that it has linked the malware to a cluster of Russian Web sites -- including one called Proxybox.name -- that claim to provide proxy access, VPN services, and antivirus scanning. Proxybox.name requires users to download what it calls "functional, simple, and convenient" proxy software.

Vikram Thakur, principal manager at Symantec Security Response, told CNET this afternoon that:

What … Read more

Microsoft settles botnet case against Chinese site

Microsoft reached a settlement in its legal case against a Web site that has been linked to malicious activity, with the Chinese company agreeing to block malware tied to its domain.

The software giant, which originally filed the suit about two weeks ago, said today that the operator of 3322.org, Peng Yong, has agreed to work with Microsoft and the Chinese Computer Emergency Response Team to block all malicious connections to the 3322.org domain and prevent malware infections associated with the site.

The 3322.org owner will direct all subdomains identified in a "block-list" to a … Read more

How to disable Java in IE, Firefox, Chrome, and Safari

Last week's notice by researchers at Security Explorations of an unpatched hole in the Java runtime environment may have left you wondering whether to disable Java until Oracle releases a patch. CNET's Topher Kessler noted in his report on the Java flaw that no malware exploiting the vulnerability has yet been documented.

Which leads to the question, "Do I need Java?"

The best way to find out is to disable Java in your browser and re-enable it only if you encounter a site that prompts you to download Java before it will open. Then you can … Read more

Lookout now blocks Dialer exploits

Android fragmentation affects security patches, too. Instead of waiting to see which devices have been protected against a Dialer app vulnerability discovered earlier this week, Lookout Mobile Security (download) has stepped into the breach with a patch for it today. So far, it's the only known Android security app to block the exploit, but even Lookout's patch requires initial user input.

The vulnerability allowed some Samsung phones to be remotely wiped from the Dialer app, the "phone" part of your smartphone. While Samsung pushed out a patch quickly, it's not clear if other phones have … Read more

Adobe to revoke code signing certificate

Adobe said today it will revoke a code signing certificate after discovering malware that was digitally signed with the certificate.

"Adobe is currently investigating what appears to be the inappropriate use of an Adobe code signing certificate for Windows," Brad Arkin, senior director of security at Adobe, wrote in a blog post. "We plan to revoke the impacted certificate on October 4, 2012 for all software code signed after July 10, 2012."

"The evidence we have seen has been limited to a single isolated discovery of two malicious utilities signed using the certificate and indicates … Read more

Avira kills its pop-up for 2013, sort of

The competition for the best free Windows security suite just got a lot more intense, as Avira returns to the field with its second major revamp in as many years of its flagship free antivirus and paid upgrades.

Available exclusively from Download.com today, Avira Free Antivirus 2013, along with the paid upgrades Avira Antivirus Premium 2013 and Avira Internet Security 2013, greatly expand the kinds of protection that Avira offers.

Avira wouldn't reveal a precise number of people who use the suite, but Opswat puts them at around 12.1 percent of the worldwide Windows market. Travis Witteveen, … Read more

Twitter users may be victims of direct message malware

A friend of mine recently sent me a direct message on Twitter; it said "lol u didnt se them taping u" and had a link to Facebook. I hadn't remembered being taped in the past few days and I'd never seen my friend use this type of Twitter-shorthand, along with typos. To me, it was obviously spam.

I'm not the only one to be getting these spammy direct messages on Twitter that lead to bogus Facebook links. Apparently a lot of people have been complaining of these messages, according to Sophos analyst Graham Cluley who … Read more

Flashback malware for OS X appears to be going extinct

Just over a year after the Flashback malware began making its appearance on OS X systems, its prevalence has dwindled to the point where, according to ESET, it appears to be going extinct.

In September 2011, Flashback debuted as a fake installer for Adobe's popular Flash plug-in, which was propagated using search-engine optimization to popularize compromised personal blogs and Web sites. While at first the malware did not gain much traction, the criminals behind it began changing their modes of attack, and in taking advantage of an unpatched Java vulnerability it turned into a widespread drive-by download that … Read more

Kaspersky reports 3 more Flame-related malware variants

Kaspersky Lab has published an update in its investigation of the Flame cyber-espionage campaign, which the security experts discovered in May.

The research, which Kaspersky conducted in partnership with IMPACT, CERT-Bund/BSI and Symantec, identified traces of three previously undiscovered malicious programs.

Specifically, Symantec has highlighted forensic analysis of two of the command-and-control (C&C) servers behind the W32.Flamer attacks that targeted the Middle East earlier this year.

Here's what the group found after analyzing the C&C servers:

The two servers were set up on March 25, 2012, and May 18, 2012. The servers … Read more

Google identifies The Verge as malware host

Despite warnings that some Chrome users are seeing today, Joshua Topolsky wants to assure readers of The Verge that his site is not rife with malware.

The problem apparently began this morning when visitors to the tech news site using Google's Web browser were greeted with a message informing them that The Verge contained content from SBNation.com, a site the Web giant accused of distributing malware. (SBNation, a sports news site, is a Verge sister site.) "Your computer might catch a virus if you visit this site," the notice warned.

However, Topolsky, the editor in chief … Read more