SecurityWeek

Senior officials within Iran’s Oil Ministry have said that they now know what the attacker’s hidden agenda was when they launched a cyber attack last month. However, they won’t say what it is exactly, because they are still investigating.

Oracle users should apply a workaround in lieu of a patch for a critical vulnerability revealed in a bug disclosure flap, security experts say.

There is more to the Flashback attacks than simply infecting computers. According to Symantec, a version of the malware targets Google in an advertising fraud scheme that could generate up to $10,000 a day in profits for the fraudsters.Symantec dubbed the variant Flashback.K. After some reverse engineering, the firm determined the malware is being used in a click fraud scheme designed to hijack clicks on legitimate Google ads and send them to websites that paid them to generate traffic.

Pindrop Security, a startup focused on combating phone-based fraud, today announced that it has closed a $1 million seed round of financing, coming from a sizable pool of investors that the company says will be used to grow its customer base and expand product development.

USB-based Threats Persist Despite Years of Software Updates

By Identifying Areas of High Risk Across the Entire Infrastructure, Countermeasures Can be Implemented Where They’re Needed Most.

Attack Traffic Originating from The United States Jumped Nearly 37% in Q4 2011, Says Akamai Report.Internet infrastructure giant Akamai Technologies, released its Fourth Quarter, 2011 State of the Internet report on Monday which provides insights into global statistics including Internet penetration, mobile traffic and data consumption, connection speeds, and Internet attack traffic.

Attackers have updated the Flashback Trojan targeting Macs to use Twitter as a command and control mechanism, security researchers have found.

Business leaders need to take note quickly, and learn to recognize that information security risks are real risks to their success.

Stealthy Attacks Use Trusted Enterprise Systems and Trusted Networks, Making Detection DifficultSkilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses in order to circumvent security measures, according to a security expert familiar with the innovative new attack method.

Symantec Threat Report Reveals 81 Percent Increase in Malicious Attacks, Drop In Number of VulnerabilitiesIn its latest threat report released on Monday, Symantec revealed that while the number of vulnerabilities fell by 20% in 2011, it saw a significant increase in the number of malicious attacks. In addition, the report notes the fact that targeted attacks are spreading to organizations of all types and sizes.

Appliance Helps Accelerate Custom BYOD Policy EnforcementEnterasys Networks, a provider of network infrastructure and security solutions, today announced a new bring-your-own device (BYOD) solution designed to help address the increasingly complex and pressing concerns with the BYOD trend, including security, user experience, simplicity and flexibility.