Top
Sponsor

Search

Recent Articles

Security Videos

Entries in News (3)

Sunday
Aug052012

Threat Down - 8/05/2012

DateSunday, August 5, 2012 at 11:33PM

This is the Threat Down for the week ending August 5th 2012. The Threat Down summarizes the weeks security news.

 

AuthorAdmin | CommentPost a Comment |
tagged , in
Sunday
Jul222012

Threat Down - 7/22/2012

DateSunday, July 22, 2012 at 9:18PM
Black Hat 2012: Hackers to explore malware analysis, next-gen attacks
Mahdi cyberespionage malware infects computers in Iran, Israel, other Middle Eastern countries
HP warns that malware writers getting harder to track and combat

Honorable Mentions

Securing the new data center
Check Point: Now you can run up to 250 virtual security systems on 1 gateway
spt v0.6.0 – Simple Phishing Toolkit Available For Download 
Mom accessed school system 110 times to change kids' grades
An analysis of the Yahoo! passwords
Diagnosing Malware with Resource Monitor
TippingPoint DNS Version Request increase
AuthorAdmin | CommentPost a Comment |
tagged , in
Sunday
Jul082012

Threat Down - 7/8/2012

DateSunday, July 8, 2012 at 8:58PM

Welcome to the Threat down for the week ending on July 8, 2012.  Here is a recap of noteworthy news items from throughout the week.

Top Security News

Phone-raiding Trojan slips past Apple’s App Store censors
While Apple wasn’t the only company that let this slide through their filters (Google as well), this is the first reported case of malware making it past Apple’s screening methods.  This trojan collects contact information, GPS information, and sends SMS to the contact list in an attempt to compromise more users.
We have learned a lot about why hashing isn’t enough (thanks Linkedin),  but it is nice t see some real metrics that can be leveraged to get management on board with slated hashes.  “it only took 72 hours to crack about 80% of 1.5 million eHarmony hashed passwords that were dumped”.
Okay, I promise this will be the last article about DNSChanger that makes this list, unless there is another extension.  Hard to believe that there are still 300,000 machines infected with DNSChanger after all of this publicity.  Also, I wish these news sites would stop saying that the internet is going to disappear, it is just DNS resolution that goes bye-bye.
There will be nine patches released this Tuesday, three of which will be critical.  While it is always important to keep your machines updated, this is a particularly significant patch Tuesday as the vulnerability that allowed Flame to leverage windows update is being addressed.
Ransomeware has been getting a lot of hype lately (thanks Reamde), but this particular strand goes above and beyond.  While normal ransomeware will encrypt your drive and then ask for money in return for the password to decrypt, this strand adds the threat of placing child pornography on the victim computer and calling the police.

Botnet infections in the enterprise have experts advocating less automation

This article brings up a subject that is near and dear to my heart.  Many organizations believe they can throw money at the Cyber problem to make it go away.  While funding is helpful, organizations need to learn that spending all their money on expensive silver bullet appliances is not nearly as valuable as hiring experienced security personnel. 

Honorable Mentions

Monkif Botnet Hides Commands in JPEGs 

Security firm in Tor Project 'mass surveillance' row responds

Stuxnet cyberattack by US a 'destabilizing and dangerous' course of action, security expert Bruce Schneier says

Wikileaks releases Syria Files, 2.4 million government related emails

Hacking IPv6 Networks SI6 Networks

IPv6 Security Tools

AuthorAdmin | CommentPost a Comment |
tagged , in