Blog Posts Tagged with "Exploits"

36317a78f97d1d6d7a02333ad01186fa

New Approaches for Blocking Zero-Day Exploits to Prevent APTs

April 16, 2013 Added by:George Tubin

Cybercriminals continue to develop new methods to bypass security controls in order to install malware on corporate endpoints. An endpoint protection approach that provides both effectiveness and manageability must begin with an understanding of the attack vectors that require mitigation.

Comments  (1)

306708aaf995cf6a77d3083885b60907

Podcast: Vupen CEO Chaouki Bekrar Talks About Selling Zero Days at CanSecWest

March 08, 2013 Added by:Mike Lennon

Ryan Naraine talks to Vupen CEO Chaouki Bekrar about the controversies surrounding the sale of zero-day vulnerabilities and exploits, his company’s business dealings and the work that goes into winning the CanSecWest Pwn2Ownhacker contest.

Comments  (0)

Default-avatar

UPnP Security Flaws Expose 40-50 Million Networked Devices

January 29, 2013 Added by:Infosec Island

Researchers at Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

The Rise of Exploit Kits According to Solutionary SERT

January 28, 2013 Added by:Pierluigi Paganini

The report revealed the surprising efficiency of well-known vulnerabilities usually included in the popular exploits sold in the underground, around 60% are more than two years old, and 70% of the exploit kits analyzed (26) were released or created in Russia...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Web Browsers, Exploits and H@x0rs… Oh, My!

November 26, 2012 Added by:Tripwire Inc

I might possibly be in the wrong business. Google announced recently that teenage hacker “Pinkie Pie” was awarded $60,000 for finding and reporting a bug in the company’s Chrome web browser. Apparently this is not even the first time he has accomplished this feat...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Skype: serious vulnerability found

November 15, 2012 Added by:Pierluigi Paganini

The news is circulating with insistence on the net, Skype is suffering from a vulnerability that can expose its users to serious risks, due this reason it has suspended the password reset process.The Russian Blog Pixus.ru published a post where it described a workaround to hijack the accounts of the famous application...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

"No known exploits in the wild..."

November 13, 2012 Added by:Rafal Los

It's human nature, and just the way we are wired... I know I can feel some of that on myself when I hear that phrase. I guess I would change it to be slightly more effective (or harder to dismiss) by adding "at this time" at the end of the sentence - although I doubt it would make too much of a different...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Group-IB found a new zero-day vulnerability in Adobe products

November 11, 2012 Added by:Pierluigi Paganini

Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Post Exploitation Command Lists: Request to Edit

November 07, 2012 Added by:Rob Fuller

If you would like to contribute, please shoot me a tweet, a email, a... anything and I will gladly add you to the permissions to edit. Honestly it just became so overwhelming that every time I thought to add something I would cringe away because I know I'd spend most of time fixing them...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Man-in-the-Middle Redux

November 05, 2012 Added by:Tripwire Inc

This attack used to be fairly innovative. But not so much anymore. Would-be attackers can buy the basic components “off the shelf” using ready-made toolkits like Ettercap, Mallory (I love the creative use of the classic MITM name), and dsniff. If you’d like a better look at how it works, this is a good video...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Wrong response to zero day attacks exposes serious risks

October 22, 2012 Added by:Pierluigi Paganini

Recent revelations on Flame raise the question on the efficiency of zero day vulnerabilities, software bugs that hackers exploit to avoid security defenses on targeted systems. The real problem when we talk about zero-day is related to the duration of the period in which hackers exploit the vulnerability...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Advice Regarding Recent Java Vulnerabilities

October 17, 2012 Added by:Fergal Glynn

By now, our readers have undoubtedly seen the buzz about a serious security vulnerability in Oracle Java, with corresponding exploit code making its way around in the form of active, in-the-wild attack campaigns, as well as penetration testing tools...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

How We Might Wage War in Cyberspace

September 19, 2012 Added by:Joel Harding

With the way US forces are distributed globally, cyber capabilities and flexibilities are enhanced. Cyber, both offense and defense, can be launched from anywhere. All Combatant Commanders have liaisons and representative elements with geographic commands, Cyber Command is no different...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Clipboards, Confidence, and Information Security

September 17, 2012 Added by:Tripwire Inc

How do you teach paranoia and suspicion? We often hire people because of their willingness to help others, their good communication skills, their ability to be responsive, etc. As we work through securing our humans, we need to strike a balance – trust but verify, assist but not unquestioningly...

Comments  (1)

68b48711426f3b082ab24e5746a66b36

Microsoft BlueHat: Five Questions with Katie Moussouris

September 12, 2012 Added by:Fergal Glynn

One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »