As always, there have been lots of interesting cyber security and incident reports in the media this week. While most typically report on a major train wreck that has already occurred, every once in a while we get a warning that has had zero impact that we should all nonetheless start thinking about. One of this week’s big thought provokers was reported by Antone Gonsolves in CSO. In Mobile devices set to become next DDoS attack tool, he reports on how an analyst from Javelin Strategy & Research is convinced that smartphones and tablets are expected to become a significant launching pad for distributed denial of service (DDoS) attacks against corporate websites. Although there hasn’t been a reported case of this yet,... read more >

There has been some recent talk about a new mobile malware variant found in the wild. The malware has been identified as Trojan-Spy.AndroidOS.Zitmo. ZitMo stands for “Zeus-in-the-Mobile”.

ZitMo was originally designed to target the Symbian smartphones, with Windows Mobile and Blackberry following later. ZitMo for Android Operating System was first detected in July 2011. This trojan is another variant targeting the Android Operating System and is distributed as an APK with the name “Android Security Suite Premium” through SMS messages.

The purpose of ZitMo is to target the security features of online banking services. Banks use what are called TAN codes (Transaction Authentication Number) with digital signatures as an additional authentication mechanism to authorize the transaction. In some cases, banks send TAN codes via a text message (these are called mTANs, or mobile transaction authentication numbers).

Like... read more >