Feed aggregator

Blog: Securmatica XXV.

Secure List feed for B2B - Thu, 05/01/2014 - 02:26

The twenty-fifth edition of Securmática was held in Madrid (Spain) on April 22, 23 and 24, 2014. Although its content is not usually highly technical, it is a really interesting event for catching-up with the cybersecurity industry at an “institutional” level.

UltraDNS Dealing with DDoS Attack

Threatpost for B2B - Wed, 04/30/2014 - 15:11
DNS provider UltraDNS has been under a DDoS attack for much of the day.

Researchers Find IE VGX Components Likely Exploited in Zero-Day Attacks

Threatpost for B2B - Wed, 04/30/2014 - 13:23
Researchers used crash reports sent via Windows Error Reporting to uncover two components likely being exploited by the latest Internet Explorer zero day vulnerability.

Target Accelerates Chip-and-Pin Roll Out, Hires New CIO

Threatpost for B2B - Wed, 04/30/2014 - 12:13
Target is accelerating plans to move to a full chip-and-pin system for its branded credit and debit cards.

Hacking Traffic Systems for Fun and Chaos

Threatpost for B2B - Wed, 04/30/2014 - 11:29
The devices that control traffic lights and electronic signs in many cities are vulnerable to a number of attacks, can be exploited quite easily and used to spread malware from device to device.

Mozilla Redesigns Firefox Browser, Fixes Security Vulnerabilities

Threatpost for B2B - Wed, 04/30/2014 - 11:25
Mozilla yesterday released the substantially redesigned version 29 of its Firefox browser, including fixes for a number of critical and highly rated security vulnerabilities.

Blog: CODEGATE 2014

Secure List feed for B2B - Wed, 04/30/2014 - 09:24
CODEGATE 2014 was held in COEX, Seoul Samsung from 2nd-3rd April. It is one of the major hacking festivals, composed of hacking contests (CTF) and an international conference. The purpose of this event is to discover and cultivate the human resources of IT security. It is also a venue for younger people to meet professionals in IT security, giving them the chance to play an active part in the CTF events and speaking at the conference.

Vishing Attacks Targeting Dozens of Banks

Threatpost for B2B - Tue, 04/29/2014 - 17:45
A recent VoIP phishing campaign has been netting the payment card information of up to 250 Americans per day.

Senate Draft Bill to Protect Threat Information Sharing

Threatpost for B2B - Tue, 04/29/2014 - 15:59
A proposed bill would promote public-private information sharing by protecting private entities seeking to share cyber threat information with the government.

Volume of NTP Amplification Attacks Getting Louder

Threatpost for B2B - Tue, 04/29/2014 - 13:03
NTP amplification attacks account for the majority of DDoS attacks that exceed 100 Gbps, according to Arbor Networks.

The White House and Zero Day Sleight of Hand

Threatpost for B2B - Tue, 04/29/2014 - 10:50
The White House wants you to know that it did not know about the OpenSSL Heartbleed vulnerability before you did. The White House also wants you to know that administration officials don’t think stockpiling zero days isn’t necessarily good for national security. That’s all well and good, except that it mostly doesn’t matter.

Click-Fraud Sefnit Variant Shuns Tor for SSH

Threatpost for B2B - Tue, 04/29/2014 - 09:26
Facebook security researchers discovered a new variant of the Sefnit click-fraud malware. Unlike previous versions that used Tor for communication, this one uses SSH over port 443.

Google Removes Bitcoin Mining Android Malware from Play

Threatpost for B2B - Mon, 04/28/2014 - 16:26
Google recently removed five bogus wallpaper applications from its Play marketplace after they were found sneakily mining Bitcoins.

AOL Investigating Breach, Urges Users to Change Passwords

Threatpost for B2B - Mon, 04/28/2014 - 14:21
AOL said its networks were breached and customer information was stolen to send spoofed spam messages. Users are being told to change their passwords.

Siemens Update on Heartbleed Patches in ICS, SCADA

Threatpost for B2B - Mon, 04/28/2014 - 12:03
Siemens continues to work on patches and provide updates to their ICS and SCADA systems affected by the OpenSSL Heartbleed vulnerability.

Flash Zero Day Used to Target Victims in Syria

Threatpost for B2B - Mon, 04/28/2014 - 11:43
A couple days after Microsoft warned users about a new vulnerability in Internet Explorer that’s being used in targeted attacks, Adobe on Monday said that researchers have discovered a zero day in Flash, as well, which attackers are using to target victims in Syria through a watering hole attack on a compromised Syrian government site.
Syndicate content