Blog Posts Tagged with "Zero Day"
March 08, 2013 Added by:Mike Lennon
Ryan Naraine talks to Vupen CEO Chaouki Bekrar about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Ownhacker contest.
November 11, 2012 Added by:Pierluigi Paganini
Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...
October 22, 2012 Added by:Pierluigi Paganini
Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...
September 26, 2012 Added by:Rafal Los
Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...
September 22, 2012 Added by:Brent Huston
Emphasize that there are security measures that are effective in zero day situations. These include such controls as anomaly based detection mechanisms, system user security training, and incident response programs. If you can detect these attacks early and respond to them correctly...
September 12, 2012 Added by:Fergal Glynn
One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...
September 11, 2012 Added by:Pierluigi Paganini
Excluding attacks by foreign governments and cyber criminals that exploit 0-days, with best practices and the adoption of compliance at the current standard, in matters of security it is possible to avoid data breach incidents, or at least reduce the amount of exposed information...
September 10, 2012 Added by:Pierluigi Paganini
The attacks appeared to be originated in China and aimed at dozens of other organizations who were hit, of which Adobe Systems and Juniper Networks confirmed the incident. The press is also convinced that other companies were targeted such as Morgan Stanley, Northrop Grumman and Yahoo...
July 10, 2012 Added by:Headlines
"What is interesting is that most of our clients always used to be using CMSs (like WordPress, Joomla, etc), but lately we are seeing such a large number of just plain HTML sites getting compromised and when we look deeper, they are always using Plesk..."
June 29, 2012 Added by:Headlines
Unlike traditional malware detection tools, RiskRanker does not rely on malware samples and signatures already identified. It is able to identify applications that exhibit signs of malicious code while they are still in the marketplace, before the malware is downloaded onto potential victim's mobile devices...
June 25, 2012 Added by:Fergal Glynn
Consumers make the mistake of trusting unreadable QR codes (unreadable by humans) that could really take a person anywhere. With all the vulnerabilities that are discovered on a regular basis with smart phones, it is only a matter of time until we see an explosion in malware for mobile platforms...
June 20, 2012 Added by:Lee Munson
Some people think that if you try to profit on your discovery, then no matter what your intentions are, the discovery could be used for non ethical goals. They think that it does not matter if it is a good guy or a bad guy who gets the information. They think that both parties have the potential for abuse...
June 18, 2012 Added by:Headlines
"While the exploit used in this attack has been referred to as being a zero-day due to reports of it being seen in the wild before the recent Security Bulletin Summary, zero-days are not commonly observed in attacks... this begs the question: will we see more zero-days being used in similar attacks?"
May 31, 2012 Added by:J. Oquendo
Studies on malware by vendors are not being done for anything other than being able to state: "We can defend you from MalwareX if you purchase Product Y." This is the reality of it. What better mechanism to do so than to paint the boogeyman as a rogue country. After all, countries spend millions on security...
May 22, 2012 Added by:Fergal Glynn
Information leakage happens when sensitive information is displayed to the a user inadvertently. An example would be pathnames or database IP addresses returned within an error message to a user. An attacker can use this information to undermine the system...
May 15, 2012 Added by:Headlines
"Cyber Espionage attacks are not a fabricated issue and are not going away any time soon... They are aiming to expand their access and steal data. Communications (primarily e-mail), research and development (R&D), intellectual property (IP), and business intelligence..."
Mobile Security Processes Could Be Applied t... Johnnie Nix on 05-21-2013
ATM Security (And Really Learning from the P... Johnnie Nix on 05-21-2013
New Study Published on Mobile Malware... Caitlin Rachel on 05-21-2013