Jargon Watch: Stochastic Terrorism Lets Bullies Operate in Plain Sight
Credit to Author: Jonathon Keats| Date: Mon, 21 Jan 2019 11:00:00 +0000
It takes a master demagogue to weaponize unstable individuals and aim them at political enemies.
Read MoreComputer Security Articles
RSS Reader for Computer Security Articles
Month: January 2019
A week in security (January 14 – 20)
Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:48:38 +0000
 | |
| A roundup of last week’s security news from January 14 to 20, including APT10, Fallout EK, Colllection 1 data, Youtube challenges, hosting malicious sites and a Fortnite security flaw. Categories: Tags: APT10ArsTechnicaBleepingComputerCoinDeskcollection 1cryptopiacve-2019-0543DASFallout EKfortnitegarminGarmin watchhostingHTTPSoregonpowershellPowerShell Team BlogSC Mediashutdowntelegramthreadxyoutube |
The post A week in security (January 14 – 20) appeared first on Malwarebytes Labs.
Read MoreHas two-factor authentication been defeated? A spotlight on 2FA’s latest challenge
Credit to Author: Malwarebytes Labs| Date: Mon, 21 Jan 2019 16:15:30 +0000
 | |
| While many tech-savvy folks are familiar with two-factor authentication (2FA), more are unaware that there are several ways around it. A tactic called Modlishka, the English pronunciation for the Polish word for “mantis,” is the latest in this list. Categories: Tags: 2fa2FA modlishkaAmnesty InternationalCERTFAdefeat 2FAmantismodlishkapassword managerPGPSocial Engineeringthe return of charming kittentotptwo-factor authentication |
The post Has two-factor authentication been defeated? A spotlight on 2FA’s latest challenge appeared first on Malwarebytes Labs.
Read MoreWhatsApp and Facebook ticket giveaways: viral fraud
Credit to Author: John Snow| Date: Mon, 21 Jan 2019 11:19:37 +0000
WhatsApp and Facebook are swimming in links to ticket giveaways for fun fairs and airlines. Don’t get excited though, the tickets are fake.
Read MoreMalspam email – Jack of all malware, master of none.
Credit to Author: Shriram Munde| Date: Mon, 21 Jan 2019 07:37:49 +0000
Malspam email or malicious spam emails are considered to be one of the favorite malware delivery channels for the attackers to deliver the malware to targeted victims. Attackers also run spam email campaigns to distribute their malware to a large number of users. For attackers to succeed, two things are…
Read MoreSSD Advisory – Teco SG2 and TP3 Vulnerabililites
Credit to Author: SSD / Noam Rathaus| Date: Mon, 04 Jul 2016 12:58:21 +0000
Vulnerabilities Description Multiple vulnerabilities have been found in Teco’s SG2 and TP3 product, these vulnerabilities allows attackers that are able to supply the products with a specially crafted file to cause it to execute arbitrary code. TECO TP3 PC-LINK tpc file parsing Stack Buffer Overflow Code Execution TECO uses their own propriety file format known … Continue reading SSD Advisory – Teco SG2 and TP3 Vulnerabililites
Read MoreUsing Machine Learning To Detect Anomalies
Credit to Author: dmitryc| Date: Mon, 21 Dec 2015 22:07:07 +0000
I’m going to start blogging more about detection of protocol/app anomalies, detection of lateral movement and/or data exfiltration, and more. For many years I have been watching users and applications furrow their way across networks and I’m gonna start data-dumping that info here 🙂 But…first…I manage a web server for a friend. It occurred to … Continue reading Using Machine Learning To Detect Anomalies
Read MoreOracle CSO is right
Credit to Author: dmitryc| Date: Tue, 11 Aug 2015 16:34:29 +0000
The internet (or at least twitter) is exploding regarding this, now deleted, post : Mary Ann Davidson blog post Let me start by saying that she is right. Yes, she’s right. Breaking the EULA is against the law. You can’t argue about that. You can’t argue that they should be paying a bug bounty. You … Continue reading Oracle CSO is right
Read More