Feed aggregator

Malnets to Continue Targeting Mobile Devices in 2013

Threatpost for B2B - Tue, 02/12/2013 - 15:18

Cybercriminals tested the water in 2012 with malnets -- collections of domains, servers and websites designed to deliver malware -- and appear poised to target mobile devices even more so in 2013, according to a new report released yesterday.


Blog: February 2013 Microsoft Security Bulletins - Volume is High but a Handful are Critical

Secure List feed for B2B - Tue, 02/12/2013 - 14:36

Today's February Microsoft Security Bulletin release patches a long list of vulnerabilities. However, only a subset of these vulnerabilities are critical. Four of them affect client-side software and one affects server-side software: Internet Explorer, DirectShow media processing components (using web browsers or Office software as a vector of delivery), OLE automation components (APT-related spearphish), and one affecting the specially licensed "Oracle Outside In" components hosted by Microsoft Exchange that could be used to attack OWA users.

Obama Cybersecurity Executive Order Expected Tomorrow

Threatpost for B2B - Tue, 02/12/2013 - 13:59

This week figures to be a high-profile time for cybersecurity on Capitol Hill. Reports say President Barack Obama will issue a long-awaited executive order shortly after tonight’s State of the Union address, while another stab at getting the controversial CISPA cybersecurity bill signed into law could make its way to Congress tomorrow as well. The president is expected to discuss the executive order during tonight’s address.


Blog: Adobe Flash Player 0-day and HackingTeam's Remote Control System

Secure List feed for B2B - Tue, 02/12/2013 - 11:01

Adobe Flash Player CVE-2013-0633 is a critical vulnerability that was discovered and reported to Adobe by Kaspersky Lab researchers Sergey Golovanov and Alexander Polyakov. The exploits for CVE-2013-0633 have been observed while monitoring the so-called "legal" surveillance malware created by the Italian company HackingTeam. In this blog, we will describe some of the attacks and the usage of this 0-day to deploy malware from "HackingTeam" marketed as Remote Control System.

DHS: Border Device Search Policy Does Not Violate Fourth Amendment

Threatpost for B2B - Mon, 02/11/2013 - 16:53

The Department of Homeland Security’s Office for Civil Rights and Civil Liberties (CLCR) has determined that the DHS’s warrantless, and often suspicion-less, search and seizure of electronic devices at U.S. borders does not violate the Fourth Amendment protection against unreasonable search or seizure.


Report: Malvertising Campaign Thrives on Dynamic DNS

Threatpost for B2B - Mon, 02/11/2013 - 16:40

A malvertising campaign that’s lasted almost half a year is staying alive thanks to infected web advertisements being circulated by otherwise clean ad networks.


Mega Bug Bounty Makes First Payouts

Threatpost for B2B - Mon, 02/11/2013 - 14:28

Week one of the Mega cloud storage service bug bounty is in the books and at least three payouts have been made. Controversial entrepreneur and MegaUpload founder Kim Dotcom made the challenge last week offering a €10,000 reward to anyone who could break the encryption protecting the service.


Theoretical Lucky Thirteen TLS Attacks Could Turn Practical

Threatpost for B2B - Mon, 02/11/2013 - 12:57

For now, the Lucky Thirteen attacks described in a paper last week by researchers at Royal Holloway, University of London, are largely theoretical. But the potential exists to adapt techniques used in the BEAST attacks against TLS/SSL to improve the feasibility of Lucky Thirteen, a researcher said.


VMware Fixes Privilege Escalation Vulnerability

Threatpost for B2B - Mon, 02/11/2013 - 12:25

Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface (VMCI) vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched.

According to the VMware security advisory, a local attacker could potentially exploit a control code handling vulnerability in vmci.sys in order to tamper with memory allocation in the VMCI code and eventually obtain elevated privileges on Windows-based hosts and guest operating systems.


Ryan Naraine on the Security Analyst Summit 2013

Threatpost for B2B - Mon, 02/11/2013 - 12:24

Dennis Fisher talks with Ryan Naraine, the founding editor of Threatpost, about the Security Analyst Summit in San Juan, the reason why so many talks at security conferences sound the same and why surprise talks are so valuable.


New Version of Kelihos Botnet Appears

Threatpost for B2B - Mon, 02/11/2013 - 11:41

Researchers are tracking a new version of the Kelihos botnet, one that comes complete with better resistance to sinkholing techniques and a feature that enables it to remain dormant on infected machines for long periods to help avoid detection. The botnet also is using an advanced fast-flux capability to hide the domains it uses for command-and-control and malware distribution.


Microsoft Report Examines Socio-Economic Relationships to Malware Infections

Threatpost for B2B - Fri, 02/08/2013 - 18:15

Tired of all those malware and vulnerability reports that count how many of each have been reported to security companies? Well, Microsoft has taken a different tack in its latest Security Intelligence Report (SIR) by globally comparing regions’ relative security against socio-economic factors including the maturity of a national or regional cybersecurity policy.

The results aren’t so surprising; areas such as Europe with well-defined, long-standing and enforceable policies rate much better than less developed nations where crime per capita is higher, there’s less broadband penetration and a higher rate of piracy.


EU Proposes New Data Breach Notification Law, CERTs

Threatpost for B2B - Fri, 02/08/2013 - 14:56

Under an EU law proposed yesterday, a collection of firms across Europe would have to alert regulators when they’ve been hacked, suffered a data breach or been attacked online.


Emergency Adobe Flash Player Patches Fix Pair of Zero Days

Threatpost for B2B - Fri, 02/08/2013 - 13:50

Exploits targeting two previously unreported flaws in Flash Player prompted Adobe to release an emergency patch yesterday. One of the attacks is targeting aerospace and other manufacturing companies, and is being delivered via infected Microsoft Office documents. The other is being carried out over the Web targeting Firefox and Safari on Mac OS X.


Microsoft Announces Five Critical February Patch Tuesday Updates Coming Next Week

Threatpost for B2B - Fri, 02/08/2013 - 12:09

Microsoft announced yesterday it will ship 12 bulletins addressing 57 vulnerabilities in the February 2013 Patch Tuesday release of security updates. Five of the updates, which Microsoft will release Tuesday, received "critical" ratings while the remaining seven are considered "important."


Former Employee Charged With Accessing Thousands of Driver's Licenses

Threatpost for B2B - Thu, 02/07/2013 - 22:36

A former Minnesota state employee was charged Thursday with misdemeanors for allegedly accessing thousands of driver's licenses during a four-year period and storing 172 of them in an encrypted file. Ninety percent of victims in the data breach were women.


Mobile Phone Number Harvester Fuels SMS Spam

Threatpost for B2B - Thu, 02/07/2013 - 16:25

The latest version of a phone number harvesting tool offers its users the ability to trawl the public web and collect mobile phone numbers indexed on sites that ask visitors for them, according to a Webroot report.


PostgreSQL Patches DOS Vulnerability, Other Security Issues

Threatpost for B2B - Thu, 02/07/2013 - 15:40

PostgreSQL, a database management system for Linux, FreeBSD and other platforms, patched a hole today that could have opened the system up to a denial-of-service (DOS) vulnerability in addition to a slew of other security flaws.


Bots, Zeus, Web Exploits: the Most Potent Threats of 2012

Threatpost for B2B - Thu, 02/07/2013 - 12:13

Every year it seems that security-related news advances further from its roots in national security circles, IT departments, and the antivirus industry into the mainstream consciousness. The period from July to the end of the year was no exception. However, despite a handful of flashy security stories, F-Secure claims that the second half of 2012 was really about things that rarely (if ever) come up in local and national news: botnets, ZeroAccess in particular, Java and other Web exploits, and the ubiquitous Zeus banking Trojan.


Researcher Warns of D-Link Router Vulnerabilities

Threatpost for B2B - Thu, 02/07/2013 - 11:30

A combination of vulnerabilities in D-Link’s DIR-300 and DIR-600 routers could allow an attacker to inject arbitrary shell commands and ultimately compromise the device, according to German security researcher Michael Messner who publicly disclosed the flaw on his personal blog Monday.
