RSS Reader for Computer Security Articles
Kana Shinoda is a well known persona in the security field, she is the organizer of Code Blue and APWG, a review board of HITB, and was a coordinator of Black Hat Japan, Conference Coordinator and CTF Interpreter of AVTOKYO and the list can go on and on. We had the honor to interview her … Continue reading Know your community – Kana Shinoda
Hard work in 2016 definitely paid off for everyone on our endpoint security team here at Trend Micro. Recently Gartner, Inc. announced that Trend Micro had been positioned Highest and Furthest in the leader’s quadrant for its ability to Execute and Completeness of Vision in the 2017 Magic Quadrant for Endpoint Protection Platforms (EPP). Gartner…
Two officers of the Russian Federal Security Service (FSB) and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for helping U.S. intelligence services.
The arrests of Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, and Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, happened in early December and were reported in the Russian media last week.
Since then, the arrest of a third FSB officer named Dmitry Dokuchayev, who also worked for the agency’s Information Security Center, came to light, and the investigation is said to have targeted even more people.
To read this article in full or to leave a comment, please click here
New research codifies a framework for the type of tools survivors need to protect their digital security and privacy from an abusive intimate partner. The post Tech Can Do More to Help Survivors of Abuse. Here’s Where to Start appeared first on WIRED.
Read More
While President Donald Trump decided not to sign an executive order on cybersecurity (pdf), which would have required a review of the nation’s cyber vulnerabilities to be done in a mere 60 days, he told reporters, “I will hold my cabinet secretaries and agency heads accountable, totally accountable for the cybersecurity of their organization.”
8 months later, vulnerable Pentagon servers still not patched
To read this article in full or to leave a comment, please click here
Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.
Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.
A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.
In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications — for example, arbitrary code execution.
To read this article in full or to leave a comment, please click here
Since its discovery in early 2016, we have tracked a number variations of Petya, a ransomware variant famous for multi-stage encryption that not only locks your computer, but also overwrites the Master Boot Record. Petya continues to persist, and in this blog we will take a deeper look at its more complex second stage of attack. Petya overwrites the Master Boot Record (MBR), along with its neighboring sectors using its boot code and a small kernel code. The MBR contains the master boot code, the partition table,…
Spora is a recent addition to the ransomware family that Quick Heal Lab has come across. It is a file encryptor ransomware that encrypts a user’s files with strong encryption algorithm and demands a ransom. Spora is launched with a good infection routine, the capability to work offline, well-designed and…
The post Beware of Spora – a professionally designed ransomware appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.
Read More