Security Experts:
Steve Ragan
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.
Recent articles by Steve Ragan
-
Researchers at ESET have discovered a targeted campaign in Pakistan, which is attempting to compromise sensitive information from various organizations. While limited, traces of the same attack have also been discovered in other parts of the globe.
-
Researchers at Zscaler have discovered a fake YouTube page that is hosting malicious Chrome extensions. Such pages, as seen in the past, prey on the uninformed users with poorly patched systems to spread malware.
-
The Research and Education Networking Information Sharing and Analysis Center, or REN-ISAC, issued an alert to administrators and IT staffers at some of the world’s most notable institutions of higher learning that urges them to take the matter of securing DNS seriously.
-
Barracuda Networks released version 7.8 of their Web Application Firewall (WAF), which was developed with the aim of lowering the impact Distributed Denial of Service (DDoS) attacks have on an organization.
-
McAfee launched a new biometric protection suite, promising uniform data protection across multiple platforms, including Mac OS X, iOS, Windows, and Android.
-
During the Reuters Cybersecurity Summit this week, FBI Executive Assistant Director Richard McFeely said that the agency is pushing a broader effort to communicate more with victims of cybercrime.
-
Researchers have discovered a new backdoor targeting Apache on cPanel-based servers. The attackers have replaced the Apache binary with a malicious one in such a way that it makes it nearly impossible to detect.
-
Carsten Eiram, Chief Research Officer for Risk Based Security, recently published three advisories that disclose vulnerabilities in products offered by Rockwell Automation and Schneider Electric.
-
The Internet Crime Complaint Center has issued an advisory pertaining to a spike in Phishing attacks against telecommunications customers.
-
It may seem like an unlikely source for practical advice and a solid incident report, but after their Twitter feed was compromised by the Syrian Electronic Army (SEA), The Onion (a popular satire news rag) posted solid details on the incident without the usual jokes.
-
Domain registrar Name.com sent an email to all of their customers, disclosing a security incident that may have compromised some sensitive information.
-
Billy Rios and Terry McCorkle, researchers for Cylance, discovered that Google was using an outdated version of the Niagara framework building management system.
-
Adrian-Tiberiu Oprea, 29, of Constanta, Romania, pleaded guilty on Tuesday to the charges against him, stemming from his participation in a 2011 scheme to steal payment card data from point of sale (POS) systems.
-
A group of researchers from Northwestern University and North Carolina State University tested ten of the most popular AV products on Android, and discovered that they were fooled by common obfuscation techniques.
-
According to a report from Panda Labs, 80% of the malware infections in Q1 2013 were Trojans.
-
Saturday’s attack against E! Online centered on pop-culture and propaganda.
-
The Mozilla Foundation has sent a cease and desist letter to Gamma International, after the firm used the Firefox brand to hide FinFisher’s real purpose.
-
According to researchers at Cyber Squared, the group APT1, as named by Mandiant earlier this year, is up to their same old tricks.
-
Leveraging IP-based devices, such as printers, cameras, routers, hubs, and sensors, criminals have created chaos online, shutting down networks and servers in a matter of minutes.
-
After a series of attacks against accounts maintained by media companies, Twitter has issued a memo on security best practices and encouraged them to remain vigilant.
-
In a recent speech to top U.K. officials, Eugene Kaspersky called for stronger relations between the government and the private sector.
-
Dave Piscitello outlined some essential tasks for organizations to take should they find themselves the victim of a DDoS. Regardless of the reason for the attack, speed is the one thing that will make all the difference in mitigation and recovery.
-
In its Q1 2013 roundup, Trend Micro said that zero-day vulnerabilities, in addition to concentrated attacks that cause high-damage, such as those in South Korea, are on the rise and pose a serious risk to public organizations and personal information.
-
Just five days after Oracle released the patches, criminals have added exploits for Java’s recent flaws to their kits.
-
On Thursday, Rapid7 advised users of Apple’s Safari Web browser to avoid opening “.webarchive” files, after the discovery of a vulnerability in the security model of the webarchive format.
Subscribe to SecurityWeek
- Yahoo Japan Suspects 22 Million IDs Stolen
- US Authorities Seize Bitcoin Operator Accounts
- Saudi Reports Attacks on Government Websites
- Italian Police Raid Hackers Who Took on Vatican
- Britain's Financial Times 'Hacked by Syrians'
- The High Financial Costs of Failed Trust
- ESET Uncovers Cyber Espionage Campaign Targeting Government Agencies in Pakistan
- Malicious YouTube Pages Targeting Chrome Users
- Four Lulzsec Hackers Sentenced to Jail in Britain
- Online Crime Leaves $525 Million Price Tag for Consumers
Copyright © 2013 Wired Business Media. All Rights Reserved. Privacy Policy | Terms of Use