Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.
Researchers at ESET have discovered a targeted campaign in Pakistan, which is attempting to compromise sensitive information from various organizations. While limited, traces of the same attack have also been discovered in other parts of the globe.
Researchers at Zscaler have discovered a fake YouTube page that is hosting malicious Chrome extensions. Such pages, as seen in the past, prey on the uninformed users with poorly patched systems to spread malware.
The Research and Education Networking Information Sharing and Analysis Center, or REN-ISAC, issued an alert to administrators and IT staffers at some of the world’s most notable institutions of higher learning that urges them to take the matter of securing DNS seriously.
Barracuda Networks released version 7.8 of their Web Application Firewall (WAF), which was developed with the aim of lowering the impact Distributed Denial of Service (DDoS) attacks have on an organization.
Researchers have discovered a new backdoor targeting Apache on cPanel-based servers. The attackers have replaced the Apache binary with a malicious one in such a way that it makes it nearly impossible to detect.
It may seem like an unlikely source for practical advice and a solid incident report, but after their Twitter feed was compromised by the Syrian Electronic Army (SEA), The Onion (a popular satire news rag) posted solid details on the incident without the usual jokes.
Adrian-Tiberiu Oprea, 29, of Constanta, Romania, pleaded guilty on Tuesday to the charges against him, stemming from his participation in a 2011 scheme to steal payment card data from point of sale (POS) systems.
A group of researchers from Northwestern University and North Carolina State University tested ten of the most popular AV products on Android, and discovered that they were fooled by common obfuscation techniques.
Dave Piscitello outlined some essential tasks for organizations to take should they find themselves the victim of a DDoS. Regardless of the reason for the attack, speed is the one thing that will make all the difference in mitigation and recovery.
In its Q1 2013 roundup, Trend Micro said that zero-day vulnerabilities, in addition to concentrated attacks that cause high-damage, such as those in South Korea, are on the rise and pose a serious risk to public organizations and personal information.