OS & Software

875b62bb8cdfb9fb199603e9e24a54a6

Despite a Decade of Security Upgrades, Windows Vulnerabilities Still Exist

February 22, 2013 Added by:Mark Austin

Windows 8 is touted, rightfully so, for being the most secure Windows operating system yet. However, it would be a mistake to believe that Windows 8 does not require external security enhancements.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

Security Analytics: Hype or Huge?

February 01, 2013 Added by:Simon Moffatt

This complex chain of correlated "security big data", can be used in a manner of ways from post-incident analysis and trend analytics as well as for the mapping of internal data to external threat intelligence. Big data is here to stay and security analytics just needs to figure out the best way to use it...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Android Phones in China Hit by Most Costly Malware in History

February 01, 2013 Added by:Dan Dieterle

China may be the source for a lot of international cyber attacks and malware, but they get hit by it too. 620,000 Android phones in China were infected with a nasty virus that collects personal information and begins to send costly text messages to benefit the malware maker...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

How the US is Preparing for Cyber Warfare

January 29, 2013 Added by:Pierluigi Paganini

The US and Israel are considered in cyber warfare context to be the most advanced nations, and according the international press they have been been involved in the creation of the first worldwide recognized cyber weapon, Stuxnet, and many other related spy tools kits such as Flame...

Comments  (1)

44a2e0804995faf8d2e3b084a1e2db1d

Trojans for the Bundestag – German PD acquired Finfisher

January 29, 2013 Added by:Don Eijndhoven

German political platform NetzPolitik.org has now uncovered secret documents belonging to the Ministry of Finance, that the Ministry of the Interior sent to the Bundestag (the political seat of Germany) that reveals the German Federal Police’s intention to use Gamma Group’s Finfisher spyware...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

New Variant of Shylock Banking Malware Spread via Skype

January 20, 2013 Added by:Pierluigi Paganini

The first version of the malware demonstrated an improved methodology for injecting code into browsers to remotely control the victim's device and an improved evasion technique to prevent detection by common antivirus software...

Comments  (0)

314f19f082e69886c20e31c70fe6dceb

Microsoft EMET the patch for 0days

January 17, 2013 Added by:Rod MacPherson

Once again, a new 0-day Internet Explorer vulnerability was discovered that affects IE7 and IE8... ...aside from upgrading to IE9/IE10 there is a suggestion that you could mitigate this vulnerability by running EMET. The only realistic action for many businesses to take would be EMET.

Comments  (2)

296634767383f056e82787fcb3b94864

RBN Connection to Kaspersky's Red October Espionage Network

January 15, 2013 Added by:Jeffrey Carr

Kaspersky made an astonishing announcement today with its discovery of a sophisticated cyber espionage network (most likely Russian) that has been operating since May 2007 and continues to this day. It has successfully infiltrated embassies, research organizations, military and government agencies, energy facilities (including nuclear power plants) predominantly in the Commonwealth of Independent ...

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Common Sense Cybersecurity

January 13, 2013 Added by:Larry Karisny

We start with one big problem. Internet architecture was never made for security. One of my earliest articles quoted the father of the Internet Vint Cerf by saying, "One of things incumbent on all of us is to introduce strong authentication into the fabric of the smart grid. We did not do that with the Internet."

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Turkey – Another story on use of fraudulent digital certificates

January 04, 2013 Added by:Pierluigi Paganini

It’s the news of the day, a fraudulent digital certificate that could be used for active phishing attacks against Google’s web properties. Using the certificate it is possible to spoof content in a classic phishing schema or perform a man-in-the-middle attack according Google Chrome Security Team and Microsoft experts.

Comments  (0)

8a958994958cdf24f0dc051edfe29462

A New Way of Detecting Cybersecurity Attacks

January 04, 2013 Added by:Larry Karisny

Current IDS solutions have high instances of false positives and true negatives and are extremely costly to maintain. Current IDS solutions were not designed for today's hyper connected business processes with high volume of instances. Attempting to detect misuse or anomalous behaviors requires infinite numbers of rules, patterns or algorithms, which is not possible, and is therefore the cause of ...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

An Eleven Character Linux Denial of Service Attack & How to Defend Against it

January 03, 2013 Added by:Dan Dieterle

Meet the “Fork Bomb”. Basically all it does is instruct Linux to open processes – over and over again for an almost infinite number of times. Your RAM and CPU usage rises until the system no longer responds to input.

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

Don’t Be Caught Playing the Fool (A Lesson in Why Change Control is Important)

January 03, 2013 Added by:Gary McCully

This is a real world story around the dangers of not following proper change control processes when placing new systems in production. In this blog I will discuss how one person’s actions could have resulted in an attacker gaining complete access to the organization’s internal network. I am hoping this example will cause organizations to take their change control processes a little more seriou...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Bug Bounty Programs - As a Service?

January 02, 2013 Added by:Rafal Los

Now, admittedly you already probably know I'm not a huge proponent of "bug bounty" programs, as I see the abuses and failure potential outweigh the redemption value in the cases I've seen outside of the few 'big names'... but this caught my attention because they may actually be onto something.

Comments  (0)

296634767383f056e82787fcb3b94864

Would a Malware BuyBack Program Work?

December 27, 2012 Added by:Jeffrey Carr

Most malware writers just want to be paid for their research; something that isn't happening frequently enough or at a rate that's considered fair by the researchers. As a result, some of those researchers are exploring grey markets in offensive malware development or are selling 0-days to clients...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

Stuxnet is Back! No, new agencies have misunderstood

December 27, 2012 Added by:Pierluigi Paganini

Everytime news related to Stuxnet is spread on the Internet, immediately the worldwide security community writes on cyber war and the possible consequences of a cyber attacks, but what is really happening this time?

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »