An old Android malware threat is targeting mobile devices in a new way: the NotCompatible mobile trojan is now using email spam to dupe people into clicking an initiating link.
Has HTTPS been broken?
In practical terms for the average user, probably not yet; but in the absolute terms of crypto-theory, probably yes – again. The difference is that security professionals measure security in the relative terms of risk analysis, while cryptographers tak…
Removing administrator rights is no solution against drive-by attacks
When Windows 7 was released, Gartner recommended that migration from XP be used as a catalyst for removing administrator rights from as many users as possible, which it said is ‘the single most important way to improve endpoint security.’
Kali Linux Release Aftermath
Five days into the Kali Linux release at BlackHat EU in Amsterdam, and we’re still not fully recovered. Since the release, we’ve had just over 90,000 downloads, a dozen or so package updates, added more articles to the Kali Documentation, s…
Credit reporting one key to celebrity doxxing affair
In the wake of the high-profile celebrity and politician doxxing campaign last week, in which private information about dozens of celebs from Michelle Obama to Kim Kardashian was posted online, more information about the provenance of the information h…
NIST’s National Vulnerability Database vulnerable and hacked
The first sign of a problem was the simple message, this site is ‘down for maintenance’. This was later replaced by the current message, NVD ‘has experienced an issue with its web services and is currently not available.’ The reality is, NVD got hacked…
Who’s really attacking your ICS Equipment?
State-sponsored malware such as Stuxnet and Flame raised awareness of ICS/SCADA vulnerabilities, and the potential for serious infrastructure damage via them. New research presented today at Blackhat Europe discusses the findings of a honeynet study in…
Printer-related security breaches affect 63% of enterprises
Even though organizations are increasingly aware of the damage that can be done to their reputation and customer trust through the misuse or loss of sensitive data, a new report reveals that only 22% of businesses have implemented secure printing initi…
Tibetan, Uyghur activists fall victim to MiniDuke malware
Activists for Tibet and China’s Uyghur community are being targeted once again, this time with an Adobe PDF vulnerability using the MiniDuke malware.
Malware attack recovery costs an average of $3,000 per day
Organizations citing cybersecurity costs as an impediment to implementing a layered defense should rethink their priorities: Distributed denial of service (DDoS) and malware infection recovery costs range into the thousands of dollars – per day.