How the Grinch Stole IoT — Level 3 Threat Research Labs reports on the Mirai malware, which has spawned numerous botnets, including the one responsible for the distributed denial-of-service attack that took down the popular KrebsOnSecurity blog (previously).
Computer Virus Catalog (NSFW) shows artists' renditions of famous computer viruses.
Relive techno fears of yore ... malware aficionado Daniel White collects vintage computer viruses, infects his machines and records the results. See more examples at his YouTube channel.
An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.
"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
In-depth pieces in Vanity Fair and Wired detail the structure and impact of the Stuxnet worm, and what it means for the future of cybersecurity. (Previously)
The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.
Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.