NEWS & INDUSTRY UPDATES

Researchers have discovered a new backdoor targeting Apache on cPanel-based servers. The attackers have replaced the Apache binary with a malicious one in a way that makes it nearly impossible to detect.
Microsoft has released a one-click Fix it to help protect customers from a recently disclosed security vulnerability affecting Internet Explorer 8.
Several media sites, including two Washington, DC-based radio stations, have been compromised to infect unsuspecting visitors' systems with fake antivirus software.
According to a report from Panda Labs, 80% of the malware infections in Q1 2013 were Trojans.
A new version of the Java exploit kit g01pack has added a second stage to the exploit process in order to bypass detection by antivirus tools, security researchers have found.
An Algerian sought in connection with the "SpyEye" computer virus designed to steal financial and personal information was extradited by Thailand to the United States to face charges, officials said.
The United States' Department of Labor's Website has been breached and is serving up malware in drive-by-download attacks, security researchers warned.
Spam messages claiming to link to an invoice, shopping receipt, airline ticket, or some other type of confirmation document were the predominant mode of malware distribution in April, Solera Networks said.
In its Q1 2013 roundup, Trend Micro said that zero-day vulnerabilities, in addition to concentrated attacks that cause high damage, such as those in South Korea, are on the rise and pose a serious risk to public organizations and personal information.
Just five days after Oracle released the patches, criminals have added exploits for Java’s recent flaws to their kits.

FEATURES, INSIGHTS // Malware

Wade Williamson's picture
Passwords are the ultimate goal for many hacking operations regardless of their sophistication. But, it’s important that we address the reality that strong passwords can’t be the only answer.
John Vecchi's picture
Botnets are frequently found on today’s corporate networks. A growing number of the infections caused by botnets are in fact symptoms of an advanced targeted attack.
Wade Williamson's picture
Security evasion and customized malware have become mainstream for attackers of all skill levels, and we will always lose if we attempt to fight an automated threat with a manual response.
Marc Solomon's picture
One of the challenges with deploying a sandbox-only solution to deal with malware is that attackers are making it their job to understand security technologies, how they work, where they are deployed and how to exploit their weaknesses.
Ryan Naraine's picture
Ryan Naraine talks to Dr. Boldizar Bencsath of CrySyS Lab and Costin Raiu of Kaspersky Lab about Symantec's recent Stuxnet 0.5 discovery and the connections to the other cyber-surveillance operations like Duqu and Flame.
Ryan Naraine's picture
Ryan Naraine and Securosis CEO Rich Mogull discuss the Mandiant APT1 report and all the surrounding noise around advanced threat actors, the U.S. government's response and the disruptive change affecting the IT security industry.
Marc Solomon's picture
Chances are you’ve never heard of Dr. John Snow. But the methods he used more than 150 years ago to solve the mystery of a cholera outbreak in London can be applied today to help you get to the heart of a malware outbreak in your enterprise.
Steve Ragan's picture
Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these.
Marc Solomon's picture
Lack of information, too much information and misinformation weaken our ability to detect and respond to a security incident.
Marc Solomon's picture
Motivated by the notoriety and knowledge gained by discovering and publicizing a new vulnerability, attackers continue to innovate. By using the latest techniques and technologies we can mitigate the damage from these advanced threats and protect ourselves from future attacks.