TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 16, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 20 Oct 2017 13:29:23 +0000

Various forms of fuzzing techniques that search for vulnerabilities in software programs have been around for several decades, but it can a tedious task, especially when looking at an entire enterprise application. Earlier this week, Zero Day Initiative (ZDI) vulnerability researcher Abdul-Aziz Hariri published a blog detailing how to fuzz the image conversion feature of…

Read more

Trend Micro Top Again for Breach Detection, Says NSS Labs

Credit to Author: TJ Alldridge| Date: Thu, 19 Oct 2017 15:13:08 +0000

In spite of a rapidly evolving landscape, data breaches remain among the most common and damaging cyber-threats facing organizations today. As digital transformation efforts take hold, so the corporate attacks surface grows, offering more opportunities for the bad guys to take aim at highly prized IP and customer data. They also have the element of…

Read more

Today’s Predictions for Tomorrow’s Internet

Credit to Author: Rik Ferguson (VP, Security Research)| Date: Thu, 19 Oct 2017 13:00:36 +0000

Making predictions is a tricky business and in no area more so than in the area of rapidly developing technology. The pace of change continues to accelerate and the nature of innovation is such that entrepreneurs, as well as criminals are continually searching for “the next big thing” to either benefit or to blight our…

Read more

Trend Micro is Proud to Sponsor G33kW33k!

Credit to Author: Natasha Hellberg (Senior Threat Researcher)| Date: Thu, 19 Oct 2017 12:00:47 +0000

It started as a small idea. Get a bunch of good people together, away from the pressures of their offices, and see if they could address some of the issues operational security teams have to deal with. Better monitoring tools; better analysis tools; new ways to generate threat indicators and feeds. That first year was…

Read more

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 9, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 13 Oct 2017 14:03:59 +0000

Even though “Patch Tuesday” isn’t supposed to exist anymore, here I am blogging about it. As I looked at the October updates from Microsoft, the usual suspects were there. But this month was a little different. We usually see critical vulnerabilities on the browser side, but Microsoft Office is in the spotlight with CVE-2017-11826 under…

Read more

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 2, 2017

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 06 Oct 2017 14:55:49 +0000

Have you ever read something online and you read a word as something else? Sometimes the weight of our eyelids makes our eyes deceive us after hours staring at a computer screen. As I stated to read a Zero Day Initiative blog published this week by Simon Zuckerbraun, instead of reading the word “Chakra,” which…

Read more

Cybersecurity in the Workplace is Everybody’s Business

Credit to Author: William “Bill” Malik (CISA VP Infrastructure Strategies)| Date: Tue, 10 Oct 2017 13:00:04 +0000

What can individual users do to preserve cybersecurity at work? Your organization is spending on cybersecurity tools, you have an awareness program, and if you look you will find that there are standards and procedures for choosing and maintaining products to help keep information secure. But what can an individual do? Remember – you are…

Read more

Bargains and brotherhood: The underground Digital Souks of the Middle East

Credit to Author: Rik Ferguson (VP, Security Research)| Date: Tue, 10 Oct 2017 12:00:29 +0000

The release of our report “Digital Souks: A glimpse into the Middle Eastern and North African underground” marks the 12th in our Cybercriminal Underground Economy Series (CUES). Having previously published several papers covering the Japanese, French, German, North American, Chinese, Russian and Brazilian undergrounds this is the first report of its kind focusing on this…

Read more

When Phishing Starts from the Inside

Credit to Author: Chris Taylor| Date: Thu, 05 Oct 2017 13:00:54 +0000

Phishing is one of the greatest and most time consuming challenge security professionals face today.A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials…

Read more