Researchers have discovered an extremely rare and possibly unique form of “fileless” malware that executes entirely in memory without the need to save any files to the hard drive of a victim’s PC.

The latest discovery was made by Kaspersky Lab, which received reports of a malware attack hitting a common Java vulnerability (CVE-2011-3544) on Russian websites, but without appearing to drop any files in order to instigate a conventional Trojan attack

via Researchers find new type of ‘fileless’ malware.

Tens of thousands of video conferencing setups, including some in corporate meeting rooms where the most confidential information is discussed, are vulnerable to spying attacks

via Video conferencing mistakes make espionage easy, say researchers.

Washington’s attorney general announced two new lawsuits against Adscend Media, a company that allegedly has been earning US$20 million a year using a Facebook scam

via Facebook, Washington state sue alleged ad scammer.

Encryption keys on smartphones can be stolen via a technique using radio waves, says one of the world’s foremost crypto experts, Paul Kocher, whose firm Cryptography Research will demonstrate the hacking stunt with several types of smartphones at the upcoming RSA Conference in San Francisco next month

via Hacking stunt: Stealing smartphone crypto keys using plain old radio.

The recommendation that users disable or delete the software is the takeaway from a surprise security advisory issued by Symantec late Tuesday, which warns customers to “only use pcAnywhere for business-critical purposes,” and even then, only after configuring the software “in a way that minimizes potential risks.”

via Symantec: Users Should Disable PCAnywhere Now – Security – Vulnerabilities and threats – Informationweek.

The FBI is looking for a “geospatial alert and analysis mapping application” that will allow its Strategic Information and Operations Center SIOC to “quickly vet, identify and geo-locate breaking events, incidents and emerging threats

via FBI Seeks Data-Mining App for Social Media – Government – Security – Informationweek.

he Anonymous hacking group recruited unwitting accomplices in Thursday’s attacks against U.S. government sites

via Anonymous dupes users into joining Metaupload attack – Computerworld.