Unsupported versions of Honeywell distributed control system software are vulnerable to publicly available remote exploits.
Tag Archives: Malware
Dyreza Trojan Targeting IT Supply Chain Credentials
The Dyreza, or Dyre, Trojan has been spotted phishing credentials in attacks against the IT supply chain.
Curbing the For-Profit Cybercrime Food Chain
Researchers with Google and a handful of universities believe security practitioners need to focus on evaluating how cybercriminals adapt to interventions instead of trying to protect users.
XcodeGhost: What it Is and How to Avoid it. The Sheen Comes off Apple’s Invincibility
In what is a timely reminder that even the largest, and seemingly controlled, companies can face a cyberattack, Apple revealed that its Chinese App Store had been attacked by malware.
In what is thought to be the first attack on Apple’s App Store, the infection consisted of malicious code placed into iPad and iPhone apps that are popular in China. The hackers created a counterfeit version of Apple’s software for building iOS apps, which they then convinced developers to download. Once the apps were made and downloaded, the attackers were able to steal data about users and send it to servers they control.
The malware, known as XcodeGhost, could also allow the attackers to send fake notifications to users which could result in unsuspecting victims revealing valuable information. Cybersecurity firm Palo Alto Networks also states that is possible for the attackers to see log in information and other actions carried out on the device.
“In China – and in other places around the world – sometimes network speeds are very slow when downloading large files from Apple’s servers,” explained Palo Alto Networks. “As the standard Xcode installer is nearly three gigabytes, some Chinese developers choose to download the package from other sources.
Some of the apps that were affected by the attack include some that are available for purchase in App Stores outside of China, such as thee business card scanner CamCard.
“We’ve removed the apps from the App Store that we know have been created with this counterfeit software,” said Apple spokeswoman Christine Monaghan. “We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps”.
How to avoid XcodeGhost
- Having the operating system updated.
- Only download applications from the official store. Of course, in this case the infected apps were in the Apple store, but they have been swiftly eliminated.
- Use common sense – it’s one of the best ways to protect yourself
- Also, connect your iPhone or iPod to your Mac and scan it for malware with our antivirus for Mac
The post XcodeGhost: What it Is and How to Avoid it. The Sheen Comes off Apple’s Invincibility appeared first on MediaCenter Panda Security.
Apple removes hundreds of malicious apps after major malware attack
Apple has removed more than 300 malicious apps after confirming the first major breach to its iOS app store.
The post Apple removes hundreds of malicious apps after major malware attack appeared first on We Live Security.
D-Link Accidentally Leaks Private Code-Signing Keys
Private keys used to sign D-Link software were included in open-source firmware published by the company.
The evolution of ransomware: From PC Cyborg to a service for sale
A look back at how ransomware – a type of malware used mostly for hijacking user data – has evolved from the days of PC Cyborg to today’s service for sale.
The post The evolution of ransomware: From PC Cyborg to a service for sale appeared first on We Live Security.
The Trojan Games: Odlanor malware cheats at poker
Every now and again, ESET comes across an attack that “stands out”. Odlanor malware fits that bill – this unique trojan targets players of online poker.
The post The Trojan Games: Odlanor malware cheats at poker appeared first on We Live Security.
iOS AirDrop vulnerability allows for malware installation on Apple devices
A security expert has found a vulnerability on iOS devices that allows malware to be installed via AirDrop.
The post iOS AirDrop vulnerability allows for malware installation on Apple devices appeared first on We Live Security.
Android – The rooting story
You have an Android device and the performance is not as good as it was in the first days after you bought it? You want to delete the bloatware applications which are automatically installed from the manufacturer by default but there is no option to do that? If you seek help for problems like these and do some research in the internet, one of the first things to do you will probably read about is “rooting your Android device”.
The post Android – The rooting story appeared first on Avira Blog.