Blog: In The News
You are here: Home \ Blog
TENERIFE, Spain – Intelligence services may be the security industry’s boogeyman right now, but for a long time, IT security has done a good job of following the government’s lead when it comes to developing new approaches and strategies. At the Kaspersky Lab Security Analyst Summit, Inbar Raz of PerimeterX illustrated how security has been in lockstep...
TENERIFE, Spain – Network defenders who rely solely on lists of assets to protect are running a fool’s errand. Instead, it’s crucial to think in graphs to not only visualize threats, but also to understand network edges, and dependencies between assets and accounts in order to be able to capture attacker activities and render them...
TENERIFE, Spain— Many bank robbers long ago dropped the stick-up man persona in favor of a keyboard and a reliable password-stealing Trojan. Banking malware, however, may soon not be good enough for the bad guys. More and more are copycatting the techniques deployed by advanced hackers to steal millions of dollars from banks and other...
A unique scareware campaign targeting Mac OS X machines has been discovered, and it’s likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate. “Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for...
Mike Mimoso and Chris Brook discuss the news of the week, including internet-connected teddy bears, the latest on the Going Dark debate, and whether or not there’s a backdoor in Socat. They also preview next week’s Security Analyst Summit in Tenerife, Spain. Download: Threatpost_News_Wrap_February_5_2016.mp3 Music by Chris Gonsalves
Website operators running sites on the WordPress platform need to be aware of a massive string of infections that as of Thursday were poorly detected by security products. Researchers at Heimdal Security said the compromised sites redirect victims to other domains hosting the Nuclear Exploit Kit, a potent collection of exploits for vulnerable Adobe products...
It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy experts because its vague language would put a serious...
Netgear’s ProSafe Network Management System suffers from two vulnerabilities, an arbitrary file upload and a path traversal, which could let a remote attacker execute code and download files. The problems affect the NMS300 product, a web-based system the company manufactures to help users monitor and manage SNMP networked devices. The utility connects to wireless access points, switches,...
Google’s Safe Browsing API is almost a living organism, constantly evolving and adapting to online threats. On Wednesday, Google announced the latest enhancements to the service, with new features that protect users on the web from deceptive embedded content. “You may have encountered social engineering in a deceptive download button, or an image ad that...
Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages have the same origin. “Chromodo is described as ‘highest levels...
... 228229230231232233234235236 ... 243 ... 252 ... 261 ...