OS & Software


Angler Exploit Kit Uses Domain Shadowing to Evade Detection

March 04, 2015 Added by:Eduard Kovacs

The notorious Angler exploit kit has started leveraging a new technique to ensure that its malicious activities are not interrupted when the domains it uses are blacklisted, researchers at Cisco revealed on Tuesday.

Comments  (5)


Weaknesses in Air Traffic Control Systems are a Serious Issue for FAA

March 04, 2015 Added by:Pierluigi Paganini

A GAO report to FAA reveals that the systems adopted in the Aviation industry are still affected by weaknesses that could be exploited by hackers.

Comments  (3)


PlugX Malware Adopts New Tactic in India Attack Campaign

March 03, 2015 Added by:Brian Prince

According to Sophos, the malware is now hiding the malicious payload in Windows registry instead of writing the file on disk.

Comments  (6)


Killed by AI Much? A Rise of Non-deterministic Security!

March 03, 2015 Added by:Anton Chuvakin

My research into security analytics and Gartner recent forays into so-called “smart machines” research converge in this post. Hilarity ensues!

Comments  (2)


Lenovo is Breaking HTTPS Security on its Recent Laptops

February 19, 2015 Added by:Electronic Frontier Foundation

There's been some discussion about whether all copies of Superfish use the same root key to perform the MITM attacks

Comments  (6)


Buying Illegal Goods on the Digital Underground

January 19, 2015 Added by:Tripwire Inc

The fact that Silk Road has returned is a testament to users’ ongoing ability to purchase illegal goods online, not to mention merchants’ ability to sell these products.

Comments  (2)


Microsoft Observed a Significant Increase in Macros-Based Malware

January 05, 2015 Added by:Pierluigi Paganini

The Microsoft Malware Protection Center (MMPC) has recently observed a surge in the infections of malware using macros to spread their malicious code.

Comments  (0)


You Need to Know About Ransomware

November 25, 2014 Added by:Rebecca Herold

As more crooks see how much money their buddies are making, you will see more and more types of ransomware being launched, putting you and your business at risk if you are not on the lookout for the signs of such a crime.

Comments  (1)


7 Security Threats You May Have Overlooked

November 11, 2014 Added by:Patrick Oliver Graf

In today’s business environment, the list of overlooked network security threats is endless. Information security professionals are modern-day gladiators, tasked with defending corporate data and networks against both known and unknown threats, but no matter how skilled they are, there will always be new threats to their networks.

Comments  (1)


New Zero-day in Microsoft OLE Being Exploited in Targeted Attacks

October 22, 2014 Added by:Pierluigi Paganini

Security experts at Google and McAfee have discovered a new zero-day vulnerability in Microsoft OLE being exploited in targeted attacks.

Comments  (1)


iWorm The First OSX Bot To Use Reddit For CnC: Expect Mac malware to surge

October 07, 2014 Added by:Cyphort

Nowadays, as half of newly issued computers in the enterprise are Macs, OSX malware is also becoming more prevalent.

Comments  (3)


Poisoning the Well: Why Malvertising is an Enterprise Security Problem

September 18, 2014 Added by:Elias Manousos

While customers won’t know or care which ad network delivered a malicious ad, they will blame the organization that owns the website or placed the ad that attacked them.

Comments  (2)


Improving Microsoft Patching

September 02, 2014 Added by:Tripwire Inc

We frequently work with customers who use patch management solutions and are missing patches. The reason? I don’t think anyone fully understands the Microsoft Patching process and the third-parties don’t always get it right either.

Comments  (0)


Windows Meets Industrial Control Systems (ICS) Through HAVEX.RAT – It Spells Security Risks

July 31, 2014 Added by:Cyphort

Since the first report on Havex RAT’s involvement with Industrial Control Systems (ICS) emerged last month, ICS operators were reminded to what extent malware authors will go to intrude their systems.

Comments  (1)


Software Security: An Imperative to Change

June 05, 2014 Added by:Rohit Sethi

Attention-grabbing exploits are becoming the norm. We hear about bugs like Heartbleed and IE 0days almost every week. Understandably the public is concerned about insecure technology. Yet for those of us who work in information security, this isn’t news at all. We have long known that insecure software is the root cause of most breaches.

Comments  (1)


New Insights into Email Spam Operations

June 01, 2014 Added by:Gianluca Stringhini

Recently, we have been working on gaining a better understanding of spam operations and of the actors involved in this underground economy. We believe that shedding light on these topics can help researchers develop novel mitigation techniques, and identifying which of the already-existing techniques are particularly effective in crippling spam operations, and should therefore be widely deployed.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »