Breaking News




Source: Kaspersky (securelist.com)

Sep 16, 2016
For malware writers, Google Play is the promised land of sorts. Once there, a malicious application gains access to a wide audience, gains the trust of that audience and experiences a degree of leniency from the security systems built into operating systems. On mobile devices, users typically cannot install applications coming from sources other than the official store, meaning this is a seriou...


Source: Kaspersky (securelist.com)

Sep 16, 2016
Almost every Android OS update includes new security features designed to make cybercriminals’ life harder. And, of course, the cybercriminals always try to bypass them. We have found a new modification of the mobile banking Trojan, Trojan-Banker.AndroidOS.Gugi.c that can bypass two new security features added in Android 6: permission-based app overlays and a dynamic permission requirement for...


Source: Kaspersky (securelist.com)

Sep 16, 2016
In a nutshell Backdoor.OSX.Mokes.a is the most recently discovered OS X variant of a cross-platform backdoor which is able to operate on all major operating systems (Windows,Linux,OS X). Please see also our analysis on the Windows and Linux variants. This malware family is able to steal various types of data from the victim’s machine (Screenshots, Audio-/Video-Captures, Office-Documents, Keyst...


Source: Kaspersky (securelist.com)

Sep 16, 2016
We have already seen some cryptor attacks where malicious programs with different functions have been used in combination. For example, one version of the Shade cryptor checks victim computers for signs of accounting activity; if it finds any, it doesn’t encrypt the files, but instead installs remote control tools in the infected system. The bot can then be used by cybercriminals to steal money...


Source: Kaspersky (securelist.com)

Sep 16, 2016
In the previous article, we described the mechanisms used by Trojan-Banker.AndroidOS.Gugi.c to bypass a number of new Android 6 security features. In this article, we review the entire Gugi mobile-banking Trojan family in more detail. The use of WebSocket by Gugi The mobile-banking Trojan family, Trojan-Banker.AndroidOS.Gugi is interesting due to its use of the WebSocket protocol to interact wi...


Source: Kaspersky (securelist.com)

Sep 16, 2016
A few days ago we reported to Google the existence of a new malicious app in the Google Play Store. The Trojan presented itself as the “Guide for Pokémon Go”. According to the Google Play Store it has been downloaded more than 500,000 times. Our data suggests there have been at least 6,000 successful infections, including in Russia, India and Indonesia. However, since the app is oriented toward...


Source: Kaspersky (securelist.com)

Sep 16, 2016
The concept of a smart city involves bringing together various modern technologies and solutions that can ensure comfortable and convenient provision of services to people, public safety, efficient consumption of resources, etc. However, something that often goes under the radar of enthusiasts championing the smart city concept is the security of smart city components themselves. The truth is t...


Source: Veracode.com

Sep 16, 2016
The rapid adoption of DevOps practices in the enterprise has forced a lot of CISOs to rethink their security play books. Gone are the days of testing for security once software engineers are done developing a piece of software. With rapid iterations and continuous delivery of software there is no "done" anymore. Additionally, the fast-paced DevOps model gives engineers the power to provision t...