A worm hit Twitter looking to rope users into downloading rogue antivirus. – Thousands of Twitter users are believed to have been hit with malicious
links tied to a rogue antivirus scam circulating the microblog service.
The scam is spreading through malicious links abusing the goo.gl
URL shortening service. According
to Kaspersky Lab, the malicious links redirect u…
A U.S. news report says experts at an Israeli facility were involved in testing a computer worm that is believed to have sabotaged Iran’s nuclear centrifuges.
According to the report, the worm disrupted Tehran’s potential to develop an atomic weapon.
New twists in the story of a mysterious and sophisticated cyber-weapon
IS THE price of second-hand computers about to plunge in Iran? Those in its nuclear facilities have been infected by the Stuxnet worm, an ingenious cyber-weapon seemingly designed specifically to sabotage uranium-refining by disrupting centrifuges’ industrial-control systems. On November 29th President Mahmoud Ahmadinejad admitted Stuxnet had hit “a limited number” of the centrifuges. He had previously said that only administrative machines at nuclear facilities had been infected. The International Atomic Energy Agency reported a few days earlier that engineers at Iran’s Natanz plant had stopped feeding uranium into its centrifuges, but Iran said it restarted the process six days later. IAEA figures also showed the refining was less productive.
This is just what a Stuxnet attack would look like. According to Symantec, a computer-security company, the worm performs an inventory of the systems it is running on, looking specifically for “frequency converter drives” made by two firms, one Iranian and the other Finnish, running at speeds between 807 Hz and 1210 Hz. (These high frequencies correspond to the rotation speeds of centrifuges; America tightly controls the export of frequency converter drives able to operate at frequencies above 600 Hz.) …
A Twitter worm was seen spreading through malicious goo.gl links. Twitter said it is pushing out password resets to anyone affected. – A new Twitter worm has surfaced that abuses Google’s goo.gl link shortening
service.
The worm has been seen spreading with the following links: quot;goo.gl/R7f68 quot;
and quot;goo.gl/od0az. quot; Twitter is aware of the attack and stated in a tweet that
it is pushing out password resets to an…
Even before Belarus-based security firm VirusBlokAda reported Stuxnet’s existence in July, the malicious worm had grabbed the attention of many in the security community because of its target- industrial control systems- and its complexity. In September, Iran admitted its first nuclear power plant had been hit with Stuxnet. Though the worm didn’t do any damage, its presence highlighted the malware’s potential. As it turns out, Iran was actually the site of many of the initial infections of Stuxnet as it spread throughout the globe. That may not have been coincidence, as some have openly speculated the worm was the work of Israel or the United States, though no solid evidence has been revealed to support those claims. Still, between the zero-days, stolen digital certificates and other functionality, many security researchers are ranking Stuxnet as one of the most sophisticated malware attacks they have seen. Here, eWEEK takes you step by step into the world of Stuxnet- what it does, how it does it and what you may not know about the worm. – …
An unusually sophisticated cyber-weapon is mysterious but important
IT SOUNDS like the plot of an airport thriller or a James Bond film. A crack team of experts, assembled by a shadowy government agency, develops a cyber-weapon designed to shut down a rogue country’s nuclear programme. The software uses previously unknown tricks to worm its way into industrial control systems undetected, searching for a particular configuration that matches its target—at which point it wreaks havoc by reprogramming the system, closing valves and shutting down pipelines.
This is not fiction, but fact. A new software “worm” called Stuxnet (its name is derived from keywords buried in the code) seems to have been developed to attack a specific nuclear facility in Iran. Its sophistication suggests that it is the work of a well-financed team working for a government, rather than a group of rogue hackers trying to steal secrets or cause trouble. America and Israel are the obvious suspects. But Stuxnet’s origins and effects are unknown. …
Twitter users Sunday were infected by a worm that posted sexual messages on victims’ profiles. – Twitter users were hit with yet another worm during the weekend.
This time, the tweets came bearing the message quot;WTF quot; with a link in
tow. Clicking on the link automatically generated a post from the
victim with a pornographic message.
“Clicking on the WTF link would take you to a webpa…
The past week in security saw the HDCP master key get exposed, HP’s deal to purchase ArcSight and revelations about the Stuxnet worm targeting industrial systems. – Intel has spent
the past several days dealing with fallout from the discovery of a master
key for the High-bandwidth Digital Content Protection (HDCP) protocol, ending a
busy week in IT security news.
The HDCP protocol was developed by Intel to protect digital video and audio
content as it is …
Security researchers reveal that the Stuxnet worm targeting industrial companies exploits four zero-day vulnerabilities – including two that remain unpatched. – Security researchers revealed today the Stuxnet worm has been
exploiting four zero-day vulnerabilities in Windows in an attempt
to infect industrial control systems.
In the months since Stuxnet was first publicized in July, much of the
attention focused on a now-patched Microsoft
Windows bu…
UPDATE: The hacker Iraq Resistance has taken credit for the worm that recently flooded inboxes around the world. – A person claiming to be the hacker behind the quot;Here you have quot; worm posted a YouTube video Sept. 12 defending his or her actions.
In the YouTube video, a hacker by the nickname Iraq Resistance, spoke with a computer-altered voice in a video published by quot;iqziad quot; and claimed re…
A recap of the top IT security news of the past week features a mass-mailer worm, attacks against a zero-day vulnerability in Adobe Reader and Acrobat and more. – A mass-mailer worm caused agita for IT administrators and topped the past
week’s security news.
Dubbed the quot;Here you have quot; worm based on the subject line of a
carrier e-mail that flooded inboxes around the world Sept. 9, the worm
disrupted e-mail systems at a number of high-profile com…
A security researcher finds a connection between a self-proclaimed cyber-jihad group and the malware attack that infected computers at a number of high-profile organizations Sept. 9. – A cyber-jihadist group may be to blame for the quot;Here you have quot;
worm that reportedly struck organizations ranging from NASA to Wells
Fargo.
According to Joe Stewart, director of malware research at SecureWorks, there
are indications a group called the Brigades of Tariq ibn Ziyad is beh…
A mass mailer worm that struck NASA, Walt Disney Co. and other organizations is a throwback to the days of old, security researchers said. Here is what you need to know about it. – A mass-mailer worm flooded inboxes at a number of high-profile organizations
today.
Dubbed quot;Here you have quot; because of its e-mail subject line, the
worm struck organizations such as NASA and the Walt Disney Co. In some ways,
the worm is a throwback
to attacks such as the Anna Kournikov…
Updated: A worm that uses clickjacking to spread is squirming its way around Facebook. The worm has already affected hundreds of thousands of users, according to security experts at Sophos. – A new clickjacking worm targeting Facebook users is spreading on the social network site.
According to Sophos, hundreds of thousands of Facebook users fell victim to the worm during Memorial Day weekend. The ruse relies on social-engineering users into clicking on links with messages that include:…
Researchers say the notorious Windows worm has created a headless botnet – but one that continues to maintain a hold of millions of computers. A year after the infamous April 1 doomsday deadline, the investigation into the masterminds of the worm continues.
– On April 1, 2009,
the Conficker worm played an April Fools Day joke of its own on those who predicted
an Internet meltdown.
But instead of a meltdown, infected computers only got a slight update in
functionality, followed by brief attempts to rope them into rogue antivirus
scams and then months…
1999: The “Melissa” worm makes a sudden appearance, screwing up specific e-mail programs by clogging them with infected e-mails issuing from the worm. It is the first successful mass-mailing worm.
Melissa was first distributed in alt.sex, a Usenet discussion group, hidden inside a file that contained the passwords to 80 pornographic websites. The worm was then [...]
Symantec has uncovered a new worm targeting jailbroken iPhones. Unlike the ikee worm that appeared earlier this month, this worm can be used to steal data.
– Researchers at Symantec have uncovered another worm aimed at jailbroken iPhones.
Like the well publicized ikee worm, the recent malware targets jailbroken iPhones running SSH and using the default password of ‘alpine. However, unlike ikee, which merely changed victims backgrounds to a picture of …
Infosyncworld reports that there are over 10,000 apps are submitted to the iPhone App Store each week. That is a lot of stuff to wade through for the Apple folks that wield the hammer of approval.
The jailbroken iPhone has been the target of several worms and attacks over the last few weeks. A new worm [...]
A second source for a Verizon iPhone rumor has tipped up this week from a research note from Northwest Securities that claims an iPhone for Verizon will hit by the Summer of 2010. The AT&T exclusive is set to end next year according to sources paving the way for this to happen. AT&T had better [...]
New Blu-ray films from Universal will feature iPhone interactivity. The first of the films to offer such interactivity will be the animated film “9″. The feature is called Pocket Blu and will let users enter text with the iPhone rather than the remote.
With two worms targeting the iPhone in only a few days security of [...]
