In England arrested phishers, who created two thousand fake web-sites of banks

The detainees were charged with conspiring to fraud and money laundering

Law enforcement authorities in London arrested three men suspected of creating 2,000 phishing pages containing malware. The aim of attackers were bank customers who used the online services of financial institutions. It is reported by V3.

One Nigerian and two Romanian citizens were arrested on 29 October. They were charged with conspiring to fraud and money laundering. According to investigators, the attackers create fake pages of financial institutions in order to get the bank details of potential victims.

The arrests were carried out on the eve of the creation of the National Agency in the UK to combat crime (National Crime Agency, NCA) and the National Division opposition cyber crimes (National Cyber ​​Crime Unit, NCCU). Head of the Metropolitan Police to combat electronic crime Charlie McMurdie said that the operation to apprehend phishers shows how will operate new departments of law enforcement agencies, when their powers are in force.

DoS - Denial of Service Attack

DoS - attacks (Denial of Service Attack) or "denial of service" - the most basic category of attacks in the area of ​​computer security. The term can be applied to any situation in which an attacker tries to prevent any use of a resource. This can be achieved in many ways, both physical and virtual. The purpose of DoS-attacks is to create conditions of the site, in which the user can not access it. Most often, hackers do this by throwing a huge poster of "garbage" queries, and users can no longer get through to the site: the legitimate requests are drowning in "noise".

The security functional of Windows 8

The security solution of Windows 8 wider than the previous generation system, but it still does not cover all the needs of today's users, experts say.

"The model, when you receive all the services in the complex from one supplier is certainly convenient. However, to date to build a functional, modern user who needs it is virtually impossible - you need a special product, "- said the head of the group of products Kaspersky Internet Security and Kaspersky Anti-Virus Vardan Minasyan.

According to the "Kaspersky Lab" in the company's products for Windows 8 has a number of new features not found in the system itself.

One of the key - Support for ELAM (Early-Launch Anti-Malware, ELAM - new concept of protection of the boot process of Windows from malicious activities). ELAM system enables accurate detection and block sophisticated malware - such as rootkits.

Google, Microsoft and Yahoo fix serious vulnerabilities in the mail system

Operators of the popular e-mail systems Google, Microsoft and Yahoo at the same time eliminate the vulnerabilities in their server software that allows you to bypass security algorithm verification. This allows potential attackers to exploit the weakest element of the cryptosystem and generate fake messages.

The vulnerability affects DKIM or DomainKeys Identified Mail, which in addition to Google, Yahoo and Microsoft is used by many other mail servers. DKIM provides cryptographic envelope the letter, which verifies the domain name through which a letter that allows you to discard messages with forged addresses (spam) and miss legitimate messages.

The problem was related to the signature key length of 1024 bits. Forge such keys can be on a PC. In the US-Cert report that they were able to recreate the 1024 - and 768-bit keys for RSA-signature. Experts say that in this respect the situation is the worst situation was in the system of Google, which used a 512-bit keys. Independent experts say that they were able to create a fake email claiming to be from a person, Larry Page and Sergey Brin, and run them through DKIM, applied in Google Gmail.

ESET NOD32 Antivirus and ESET NOD32 Smart Security - a free license for 3 months

Get a free license for 3 months for ESET NOD32 Antivirus 5 and ESET NOD32 Smart Security 5

ESET NOD32 Antivirus and ESET NOD32 Smart Security - a free license for 3 months.

ESET NOD32 Antivirus provides reliable, advanced protection against threats endangering your PC while traveling on a local network or the Internet and connect your removable storage media.

NOD32 Smart Security - a software package for comprehensive protection for your computer against all types of cyber threats. Includes antivirus NOD32, spyware, HIPS, personal firewall and antispam module.

To receive a free license for 3 months for ESET NOD32 Antivirus 5 and ESET NOD32 Smart Security 5, follow these steps:

Updated Zoner AntiVirus Free Tablet for Android

Updated Zoner AntiVirus for Tablet - a powerful anti-virus for Android-compatible tablet c remote management, call filtering, message encryption.

Developers from ZONER released an updated version of the product Zoner AntiVirus for Tablet - a powerful anti-virus application for Android. The proposed product provides reliable protection for tablet computers from automatic dialers, "Trojans", worms, spyware applications, and other varieties of malware.

Recall that the proposed product to minimize the probability of launching hazardous applications that can compromise the device. Including Zoner AntiVirus provides a thorough review of all downloadable from the network of programs and files, and then scan the contents of the memory card on demand.

McAfee offers security updates for the data center

McAfee has announced a new line of products Data Center Security Suite

 Attention to the client, the company offers high-quality solutions built on the most advanced and cutting-edge technological developments and allow secure servers and databases in corporate data centers.

According to the developer, the proposed products can be used to effectively protect enterprise servers and databases that are deployed in physical, virtualized and cloud environments. Key features of the solutions Data Center Security is exceptional reliability, high performance and low power consumption of server resources. Thus, these products are in full compliance with the essential requirements of client organizations to protection data center.

Product McAfee Data Center Security Suite for Server, intended to organize their basic protection of all types of servers, offers a complete set of tools for doing "black" and "white" lists, and boasts enhanced support for advanced virtualization technologies. The proposed solution is also available in the version Hypervisor Edition, which guarantees the security of virtual servers, and is licensed by the number of used hypervisors.

Antivirus for Andoid is available in Facebook AV Marketplace

Today, Facebook announced that the AV marketplace is getting a big expansion, more than doubling the number of antivirus companies whose software downloads will be available.


Facebook users were able to download from the social networking site antivirus software for mobile devices - smartphones and tablets.

Anti-virus software will be available on Facebook under AV Marketplace, which allows free download full version of antivirus software. Their period of free use is limited, after the end user can make a paid subscription. The resource was launched in April 2012. According to Facebook, over six months of its existence it used about 30 million users of the social network.

Found a mini-version of spyware Flame

Experts have found so far unknown malware aimed at stealing data from infected computers 

Interestingly, in the detected program specialists have found traces of spyware and Flame Gauss.

In the "Kaspersky Lab" is not taken argue who or what is the object of interest of a newly discovered virus. Rather, it comes to computers, which contain information that is "of particular value." Also, the experts there is no information as to whether or not they have incidents of this software, which resulted in the stolen confidential data, the magazine writes Digit.

As the press service of the company, a malicious program called experts miniFlame because of its similarity to known spyware Flame, designed to steal data and control infected systems in targeted attacks, carried out to cyber espionage.

"MiniFlame is a tool for precision attacks. Most likely, this cyber weapons with clear targets, used in the course of what may be called the second wave of cyber attacks, "- said in a news release.

Android detects malware on smartphones

The new program will consist of two parts to test and blocking malicious applications to Google Play.

The blog Android Police found a message saying that the Android mobile platform will include a system for the identification of malware. As noted by the authors, they analyzed the APK-file of the latest version of Google Play.

Code detection application contains features antivirus service. "Apparently, there are two. There is something called "App Check", which will allow Google to check each already installed on the smartphone app, "and the second part - warns users of suspicious applications," - said in a blog post.

It should be noted that the new program will block the download of any application from Google Play, which is deemed harmful. The user to leave the right to release the lock, if he is confident in application security.

Trojan.PWS.Panda.2395 distributed via peer to peer network

"Doctor Web": Trojan.PWS.Panda.2395 distributed via peer to peer network

The company "Doctor Web" informs users of the distribution through peer to peer networks Trojan.PWS.Panda.2395 several malicious programs that use a very interesting mechanism to infect computers.

These programs are capable of massive DDoS-attacks and send spam.

Infection of the victim's computer by using the widespread Trojan Trojan.PWS.Panda.2395. In the first stage of infection by Trojan-supported peer to peer network to a PC victims downloaded the executable file that is encrypted malicious module. After successfully decrypt it launches another module that reads the image in computer memory or other malicious applications detected by Dr.Web anti-virus software as one of the members of the family Trojan.DownLoader.

The program is saved to a user account as an executable file with a random name, and then modifies the registry Windows, to give yourself the ability to automatically run along with the operating system loads.

Teenager found new critical vulnerability in Chrome

Young hacker Pinkie Pie can become a millionaire, receiving thousands of Google for each working exploit.

Yesterday at a conference Hack in the Box during the contest Pwnium 2 young talent has shown a couple of critical vulnerabilities in Chrome and working exploit for which he was awarded a monetary reward.

Vulnerability of an ID CVE-2012-5112, a detailed description of our issue tracker, tickets 117 715 and 117 736, as well as a blog Chromium. The first bug is associated with an error at rendering SVG-files engine WebKit, and the second bug was found in the system IPC (inter-process data transfer), which allowed to go beyond the sandbox. The result was to make NPAPI-browser plug-in that gets full privileges on the system.

This is the second time that Pinkie Pie earns thousand in the last time he scored in March 2012 for the first competition Pwnium. At the time, he was able to be chained six vulnerabilities to get out of the sandbox and get Chrome to execute arbitrary code on the system. Now, apparently, the exploit uses only two vulnerabilities, but the result is the same.

Virus Backdoor.Proxybox created by Russian hacker

Symantec: Virus Backdoor.Proxybox created by Russian hacker

Attacker for 3 years supported botnet size of 40 thousand infected computers.

The investigation began with the reverse engineering of the Backdoor.Proxybox malware. According to the company Symantec, the study of malicious code Backdoor.Proxybox, discovered three years ago, the experts were able to establish that the creator of the malware is hacker from Russia.

To locate the hacker managed to track its accounts in payment systems on sites that distribute malware.

According to the company Symantec, detect malware Backdoor.Proxybox, the experts found that the virus is composed of three constituent parts - the dropper, the main part of malware and rootkit.

In Adobe Flash eliminated 25 vulnerabilities

Adobe has released security updates for Adobe Flash Player

Adobe has released a security alert, removing 25 security vulnerabilities in Adobe Flash Player and Adobe AIR.

Adobe has released Security Bulletin APSB12-22, which eliminated the 25 vulnerabilities, it does not reveal the details of vulnerabilities. At the time of publication of news, a company newsletter provides information only about the fact that 14 of the 25 vulnerabilities include buffer overflow, which can be used to execute arbitrary code. The rest can be exploited by an attacker to implement a memory corruption and also compromise a vulnerable system.

Vulnerability: Cross-site scripting in Opera

Vulnerability in Opera allows XSS attack on any site

For an attacker to exploit the vulnerability by placing a specially crafted link to the target resource.

The forum RDot.org has information about the dangerous vulnerabilities in the browser Opera, which allows XSS attack in the context of an arbitrary web-site. This vulnerability can also be exposed to the latest versions of the browser Mozilla Firefox.

A vulnerability in the security system on Twitter

A vulnerability was discovered in the security system on Twitter

The hacker discovered a fundamental security vulnerability in the social network Twitter. The flaw allows attackers to gain unauthorized access to the accounts of Twitter users by brute force attack.

According to Daniel Dennis Jones, whose account was recently hacked, security system uses the Twitter limit login attempts to your account by IP-address. As a consequence, anyone can use an unlimited amount of IP-addresses for password guessing. Jones notes that this could have been avoided if Twitter put a limited number of attempts or used a system of two-factor authentication, as does Google.