OS & Software
March 03, 2015 Added by:Anton Chuvakin
My research into security analytics and Gartner recent forays into so-called “smart machines” research converge in this post. Hilarity ensues!
February 19, 2015 Added by:Electronic Frontier Foundation
There's been some discussion about whether all copies of Superfish use the same root key to perform the MITM attacks
January 05, 2015 Added by:Pierluigi Paganini
The Microsoft Malware Protection Center (MMPC) has recently observed a surge in the infections of malware using macros to spread their malicious code.
November 25, 2014 Added by:Rebecca Herold
As more crooks see how much money their buddies are making, you will see more and more types of ransomware being launched, putting you and your business at risk if you are not on the lookout for the signs of such a crime.
November 11, 2014 Added by:Patrick Oliver Graf
In today’s business environment, the list of overlooked network security threats is endless. Information security professionals are modern-day gladiators, tasked with defending corporate data and networks against both known and unknown threats, but no matter how skilled they are, there will always be new threats to their networks.
October 22, 2014 Added by:Pierluigi Paganini
Security experts at Google and McAfee have discovered a new zero-day vulnerability in Microsoft OLE being exploited in targeted attacks.
October 07, 2014 Added by:Cyphort
Nowadays, as half of newly issued computers in the enterprise are Macs, OSX malware is also becoming more prevalent.
September 18, 2014 Added by:Elias Manousos
While customers won’t know or care which ad network delivered a malicious ad, they will blame the organization that owns the website or placed the ad that attacked them.
September 02, 2014 Added by:Tripwire Inc
We frequently work with customers who use patch management solutions and are missing patches. The reason? I don’t think anyone fully understands the Microsoft Patching process and the third-parties don’t always get it right either.
July 31, 2014 Added by:Cyphort
Since the first report on Havex RAT’s involvement with Industrial Control Systems (ICS) emerged last month, ICS operators were reminded to what extent malware authors will go to intrude their systems.
June 05, 2014 Added by:Rohit Sethi
Attention-grabbing exploits are becoming the norm. We hear about bugs like Heartbleed and IE 0days almost every week. Understandably the public is concerned about insecure technology. Yet for those of us who work in information security, this isn’t news at all. We have long known that insecure software is the root cause of most breaches.
June 01, 2014 Added by:Gianluca Stringhini
Recently, we have been working on gaining a better understanding of spam operations and of the actors involved in this underground economy. We believe that shedding light on these topics can help researchers develop novel mitigation techniques, and identifying which of the already-existing techniques are particularly effective in crippling spam operations, and should therefore be widely deployed.
May 20, 2014 Added by:Tripwire Inc
If configuration hardening settings are “conditional,” meaning they must find and keep that balance between security and productivity, hardening against known vulnerabilities in applications and versions is much more black-and-white.
May 06, 2014 Added by:Tal Be'ery
Since Kerberos authentication and authorization is based solely on the ticket – and not on the user’s credentials, it means that disabling the user’s account has no effect on their ability to access data and services.
April 09, 2014 Added by:Scott Montgomery
Whether you want to acknowledge it or not, the Windows XP and 2003 applications and servers in your estate are going to be at significant risk in a few weeks.
PoS Malware Kits Rose in Underground in 2014... on 03-17-2015
New PCI Compliance Study... on 03-17-2015
PCI Security Standards Council Statement on ... on 03-17-2015