Vulns & Alerts


DARPA’S Memex Project Shines Light on the Dark Web

March 03, 2015 Added by:Robert Vamosi

To better combat the increasing use of the Dark Web for illegal purposes, DARPA, the U.S. military’s Defense Advanced Research Projects Agency, is building a search engine known as Memex for law enforcement use.

Comments  (2)


The Malicious Insider

March 03, 2015 Added by:Tripwire Inc

Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year’s Verizon Data Breach Investigations Report.

Comments  (2)


Control System Cyber Security and the Insurance Industry

February 26, 2015 Added by:Joe Weiss

I have felt that the insurance companies can be a major player in driving the need to adequately secure control systems.

Comments  (5)


Babar: Suspected Nation State Spyware In The Spotlight

February 25, 2015 Added by:Cyphort

Cyphort Labs has collected and analyzed a highly advanced piece of malware, which for all intents and purposes seems to be a full blown cyber espionage tool of the kind a nation state would be behind.

Comments  (7)


Old Vulnerabilities Still Popular Targets for Hackers: HP

February 24, 2015 Added by:Brian Prince

According to the latest edition of Hewlett-Packard's Cyber Risk Report, 44 percent of known breaches in 2014 came from vulnerabilities that were between two and four years old.

Comments  (9)


Flaws in Secure Messaging App Telegram Expose Chats

February 23, 2015 Added by:Eduard Kovacs

Telegram, the popular cross-platform messaging app said to be built with a focus on speed and security, is plagued by some serious vulnerabilities that can be exploited to gain access to users’ messages, researchers reported on Monday.

Comments  (7)


Malicious Emails Can Cause Android Email App to Crash: Researcher

February 18, 2015 Added by:Eduard Kovacs

According to Hector Marco, a Spain-based security researcher, an attacker can remotely launch a denial-of-service (DoS) attack against a user by sending them a specially crafted email.

Comments  (4)


Another Kind of Indicator

February 16, 2015 Added by:Tripwire Inc

While the infosec pendulum is swinging firmly in the direction of detective controls, let’s take a minute to think about the waning emphasis on preventative controls by considering a different kind of indicator.

Comments  (5)


16 Million Mobile Devices Infected With Malware in 2014: Alcatel-Lucent

February 16, 2015 Added by:Eduard Kovacs

A new report published by Alcatel-Lucent’s Motive Security Labs estimates that 16 million mobile devices were infected with malware in 2014.

Comments  (4)


Europe: More than Just ‘Stumbling Forward’ to Improved Cybersecurity

February 11, 2015 Added by:Patrick Oliver Graf

Two years ago almost to the day, months before cyberattacks entered the world’s collective consciousness, the European Union took the bold step of publishing an ambitious cybersecurity strategy. The strategy aims to outline the best path forward for identifying and responding to emerging digital threats.

Comments  (8)


Anthem Breach: How Hackers Stole Credentials and Why Two-Factor Authentication May Help Prevent Future Phishing Scams

February 09, 2015 Added by:Thu Pham

If the Anthem attack was carried out as the result of using a single password, their access security wasn’t up to industry standards. Two-factor authentication may have thwarted attacks by requiring the use of a personal device to verify the identity of a system administrator or other technical employee with access to their database of millions of sensitive records.

Comments  (3)


New Legislation on Threat Intelligence Sharing May Have a Chance

January 28, 2015 Added by:Anthony M. Freed

But the four cybersecurity legislation bills that were approved last month did not address all of the top concerns, namely the creation of an information-sharing platform that would enable better information exchange about cyber-based threats between the public and private sectors.

Comments  (4)


Google Says It’s Not Practical to Fix Flaws in Pre-KitKat Android

January 27, 2015 Added by:Eduard Kovacs

Researchers reported earlier this month that Google was no longer patching vulnerabilities affecting the WebView component in Android Jelly Bean (4.3) and prior.

Comments  (4)


The State of Obama Cybercare

January 26, 2015 Added by:Tripwire Inc

Over the past few years, we have seen cybersecurity move from the realm of IT into the boardroom and now onto the political stage. The reason for this is clear—the resiliency, security and safety of the Internet is critical to our economy and the progress of our society as a whole. It is our future.

Comments  (2)


Bringing Metasploit Exploits to Life with PowerShell

January 26, 2015 Added by:Dan Dieterle

You have a remote shell to a Windows box in Metasploit, very cool, but what can you do?

Comments  (2)


Generation (Nuclear and Fossil) Cyber Incidents Continue to Occur and Nobody is Connecting the Dots

January 22, 2015 Added by:Joe Weiss

I have seen few attempts to provide guidance to end-users about common issues with control system cyber incidents that transcend industries and even national boundaries. The following was a result of a discussion with a relevant entity about a domestic fossil plant cyber incident and its commonality to several other plant cyber incidents.

Comments  (2)

Page « < 2 - 3 - 4 - 5 - 6 > »