OS & Software

Af7244bb99debb4a1152fa49a993a05c

Trust-Based Security Models Ineffective: Researchers

June 04, 2015 Added by:Eduard Kovacs

The trust-based foundations of whitelisting make it more difficult for organizations to properly protect their networks against cyber threats, Kaspersky Lab researchers have warned.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Tox: Free Ransomware Toolkit Hits the Black Market

June 04, 2015 Added by:Anthony M. Freed

Do-it-yourself malware toolkits have been available on the black market for a long time, but now researchers have discovered the first ransomware variation for creating your own extortion campaigns – and it’s free to use.

Comments  (0)

Default-avatar

Surfing the Dark Web: How Attackers Piece Together Partial Data

June 04, 2015 Added by:Aaron Higbee

There is an entire cottage industry of people who go to great lengths to upgrade partial data to make it more valuable. On the Dark Web, one can easily find postings buying and selling this kind of partial information.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Zero-Day Export Regulation Proposal Released for Public Comment

June 01, 2015 Added by:Anthony M. Freed

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) has released the proposal for regulatory control of the export of malware and zero-day exploits for a sixty-day public comment period, and the reaction from the security community and other interested parties is already definitively negative.

Comments  (0)

96f253cc8b3e78f1160a605fb9b56530

More Than Meets the Eye

May 28, 2015 Added by:Chris Elisan

The philosophy of hiding in plain sight has been used both by the good and the bad guys. But the effect of hiding in plain sight is much more pronounced when applied to a malicious attack.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

Microsoft and the Software Lifecycle

May 25, 2015 Added by:Tripwire Inc

For some reason, Europe’s ‘The Final Countdown’ was playing in my head as I sat and pondered this write-up. I suppose that’s fitting given that we are about to cross the 60-day mark until Windows Server 2003 goes End-of-Life.

Comments  (0)

201d6e4b7cd0350a1a9ef6e856e28341

More Possible Common Threads in Major ICS Cyber Incidents – Unintended System Interactions

May 25, 2015 Added by:Joe Weiss

One of the most important aspects in addressing ICS cyber security is the concept of “systems of systems”. Unlike IT where you can test a box and label it and the system secure, control system cyber security requires testing the overall system.

Comments  (0)

Bbd4f9420cc0edec55cb25411422efd2

Updated Dyre, Dropped by Office Macros

May 18, 2015 Added by:Ronnie Tokazowski

We recently analyzed a sample that started out appearing to be Dridex, but quickly turned into a headache leading to Dyre that featured some notable differences to past Dyre samples.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

MacKeeper Patches Serious Remote Code Execution Flaw

May 12, 2015 Added by:Eduard Kovacs

The developers of MacKeeper, the controversial utility software suite for OS X, have patched a critical vulnerability that could have been exploited to remotely execute arbitrary code on affected systems.

Comments  (0)

0ead717779244d9aab5c1699308850d2

Rombertik Strike at MBR Latest in Long Line of Malware Self-Defense Tactics

May 07, 2015 Added by:Brian Prince

The malware, known as Rombertik, is the latest in a long line of examples of malware designed to make the lives of analysts and researchers harder.

Comments  (0)

C940e50f90b9e73f42045c05d49c6e17

This Carding Forum is Spamtacular

May 05, 2015 Added by:Malwarebytes

Credit card fraud is a huge problem, and by its very nature falls across the entire security spectrum.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Flaws in WordPress eCommerce Plugin Expose Over 5,000 Websites

April 30, 2015 Added by:Eduard Kovacs

Researchers at High-Tech Bridge have identified several vulnerabilities in TheCartPress, an eCommerce plugin installed on more than 5,000 WordPress websites.

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

The Four Most Common Evasive Techniques Used by Malware

April 30, 2015 Added by:Tripwire Inc

Malware might be growing in sophistication when it comes to anti-detection measures, but every day, the security community arrives at new measures that use these same evasion tactics against the malicious software they are designed to protect.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Hackers Tricked AT&T, Network Solutions Employees in Tesla Attack

April 28, 2015 Added by:Eduard Kovacs

The official website and Twitter accounts of Tesla Motors were briefly hijacked over the weekend. The electric car manufacturer has provided some details on the attack.

Comments  (0)

C940e50f90b9e73f42045c05d49c6e17

Tech Brief: An Inside View of a Zero-Day Campaign

April 22, 2015 Added by:Malwarebytes

Discovering a new vulnerability in a popular piece of software is the Holy Grail for cybercriminals. The period between this vulnerability being weaponized into an exploit and becoming public knowledge poses a huge security risk to consumers and businesses.

Comments  (0)

Af7244bb99debb4a1152fa49a993a05c

Apple Failed to Properly Fix “Rootpipe” Bug in OS X: Researchers

April 21, 2015 Added by:Eduard Kovacs

Apple’s recent fix for the OS X privilege escalation vulnerability dubbed “rootpipe” isn’t effective, according to researchers.

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »