Stories by Robert Lemos

Hacktivism moves from pranks to problems

Agricultural technology firm Monsanto became the latest target of hacktivists this week, when hackers donning the mantle of the distributed protest group Anonymous <a href="">claimed</a> that it had penetrated the firm's network and leaked personal information on 2,500 of the company's employees.

Robert Lemos | 15 Jul | Read more

WordPress warns server admins of Trojans

Companies and bloggers that run their own WordPress installations should make sure that they have not downloaded any of three popular plugins that were, for about 24 hours, playing host to <a href="">malicious code</a>, WordPress creator Auttomatic warned.

Robert Lemos | 25 Jun | Read more

DNS agility leads to botnet detection

Online criminals have evolved their tactics to harden their botnets against takedown using a variety of tactics, including fast-flux networks and Conficker-like dynamic domain generation. Yet, such tactics can also pinpoint when such networks are being created by bot operators, according to research from the Georgia Institute of Technology.

Robert Lemos | 22 Jun | Read more

Mesh networks may make SQL injection attacks more persistent

Massive website compromises using a technique known as <a href="">SQL injection</a> has long been a top security concern for Web developers and site owners. Now, the attacks may become harder to detect and prevent, according to one security firm's analysis.

Robert Lemos | 20 Jun | Read more

Apple iOS: Why it's the most secure OS, period

In June 2007, Apple released the iPhone, and the device quickly took off to become a major brand in the smartphone market. Yet when the iPhone shipped, security on the mobile operating system was nearly nonexistent. Missing from the initial iOS (then called iPhone OS) were many of the security features that modern-day desktop software has as a matter of course, such as data-execution protection (DEP) and address-space layout randomization (ASLR). Apple's cachet lured security researchers to test the platform, and in less than a month, a trio had released details on the first vulnerability: an exploitable flaw in the mobile Safari browser.

Robert Lemos | 06 Jun | Read more

Zeus leaks give tools to researchers, attackers

The source code and a manual to the popular crimeware creation kit Zeus has been leaked, perhaps giving defenders additional tools to fight infections but also raising concerns that criminals may use the source code to create a rapidly expanding compendium of variants.

Robert Lemos | 14 May | Read more

HBGary's Hoglund identifies lessons in Anonymous hack

On Superbowl Sunday, HBGary CTO Greg Hoglund found himself locked out of his own e-mail account. As has since been widely reported in the media, the hacking group Anonymous leaked thousands of e-mail messages from the accounts of Hoglund and HBGary Federal's CEO Aaron Barr, chastising the company in a public statement.

Robert Lemos | 18 Mar | Read more

DroidDream turns Androids into zombies

The malicious code that led Google to remove more than 50 Trojan applications from the Android Marketplace appears to mainly be a "dropper" -- a program designed to load other code to further compromise the affected smartphone, according to a security firm's analysis.

Robert Lemos | 09 Mar | Read more