Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Fixmo Unveils New Enterprise Mobility Management Suite
Fortinet Unveils New Web App Firewall OS, Appliances
Most Small to Medium Enterprises Clueless on Common Mobile Threats: Survey
Cloud Security Concerns Stall Projects, Survey Finds
AVG Acquires Online Privacy Firm PrivacyChoice
long dotted

NEWS & INDUSTRY UPDATES

Upgrades to Travnet Botnet Gives Attackers Full Control of Infected Systems
Cyber-criminals are actively updating the Travnet malware and improving the botnet's infrastructure to boost its document-stealing capabilities.
Read More..
New Apache Backdoor Targeting cPanel Installations
Researchers have discovered a new backdoor targeting Apache on cPanel-based servers. The attackers have replaced the Apache binary with a malicious one in such a way that it makes it nearly impossible to detect.
Read More..
Microsoft Releases 'Fix It' to Address Recent IE Vulnerability Used in Watering Hole Attacks
Microsoft has released a one-click Fix it to help protect customers from a recently-disclosed security vulnerability affecting Internet Explorer 8.
Read More..
Popular Media Websites Compromised to Deliver Malware to Visitors
Several media sites, including two Washington, DC-based radio stations, have been compromised to infect unsuspecting visitors' systems with fake antivirus software.
Read More..
Trojan Infections Set New Record in Q1 2013: Panda Labs
According to a report from Panda Labs, 80% of the malware infections in Q1 2013 were Trojans.
Read More..
'g01pack' Exploit Kit Now Delivers Payload Via Multi-stage Attack
A new version of the Java exploit kit g01pack has added a second stage to the exploit process in order to bypass detection by antivirus tools, security researchers have found.
Read More..
Algerian Sought for SpyEye Malware Extradited to US
An Algerian sought in connection with the "SpyEye" computer virus designed to steal financial and personal information was extradited by Thailand to the United States to face charges, officials said.
Read More..
Department of Labor Website Hacked to Distribute Malware
The United States' Department of Labor's Website has been breached and is serving up malware in drive-by-download attacks, security researchers warned.
Read More..
Attackers Using Compromised Web Servers to Spread Kuluoz Trojan
Spam messages claiming to link to an invoice, shopping receipt, airline ticket, or some other type of confirmation document was the predominant mode of malware distribution in April, Solera Networks said.
Read More..
Zero-Day Vulnerabilities, Destructive Attacks Top Threats in Q1: Trend Micro
In its Q1 2013 roundup, Trend Micro said that zero-day vulnerabilities, in addition to concentrated attacks that cause high-damage, such as those in South Korea, are on the rise and pose a serious risk to public organizations and personal information.
Read More..

FEATURES, INSIGHTS // Malware

rss icon

Chris Hinkley's picture
When it Comes to Your Infrastructure, Security is More than Skin Deep
Chris Hinkley - Network Security
Without the internal and external safeguards working in conjunction, your vulnerability will spike and your performance will suffer as a by-product -- two things you can’t afford to have happen.
Read full story
Wade Williamson's picture
Passwords, Malware and the AP-Twitter Hack
Wade Williamson - Malware
Passwords are the ultimate goal for many hacking operations regardless of their sophistication. But, it’s important that we address the reality that strong passwords can’t be the only answer.
Read full story
John Vecchi's picture
Advanced Threat Protection & Visibility: Criminal Circuits and Botnets
John Vecchi - Network Security
Botnets are frequently found on today’s corporate networks. A growing number of the infections caused by botnets are in fact symptoms of an advanced targeted attack.
Read full story
Wade Williamson's picture
Getting a Handle on the Scale of Modern Malware
Wade Williamson - Network Security
Security evasion and customized malware has become mainstream for attackers of all skill levels, and we will always lose if we attempt to fight an automated threat with a manual response.
Read full story
Marc Solomon's picture
It's Time to Think Outside the Sandbox
Marc Solomon - Network Security
One of the challenges with deploying a sandbox-only solution to deal with malware is that attackers are making it their job to understand security technologies, how they work, where they are deployed and how to exploit their weaknesses.
Read full story
Ryan Naraine's picture
Podcast: Boldizar Bencsath of CrySyS Lab and Kaspersky's Costin Raiu Discuss Stuxnet 0.5
Ryan Naraine - Malware
Ryan Naraine talks to Dr. Boldizar Bencsath of CrySyS Lab and Costin Raiu of Kaspersky Lab about Symantec's recent Stuxnet 0.5 discovery and the connections to the other cyber-surveillance operations like Duqu and Flame.
Read full story
Ryan Naraine's picture
Podcast: Securosis' Rich Mogull on Mandiant's APT1 Report and Advanced Threat Actors
Ryan Naraine - Malware
Ryan Naraine and Securosis CEO Rich Mogull discuss the Mandiant APT1 report and all the surrounding noise around advanced threat actors, the U.S. government's response and the disruptive change affecting the IT security industry.
Read full story
Marc Solomon's picture
Cholera, Malware and Stopping Outbreaks at the Source
Marc Solomon - Network Security
Chances are you’ve never heard of Dr. John Snow. But the methods he used more than 150 years ago to solve the mystery of a cholera outbreak in London can be applied today to help you get to the heart of a malware outbreak in your enterprise.
Read full story
Steve Ragan's picture
Opinion: ISACA Study Adds Fuel to the APT Fire
Steve Ragan - Malware
Most of the time, attacks considered APTs use 0-Day exploits, or malware that slips past poorly updated AV software, or phishing to compromise a host or organization. There is nothing advanced about attacks like these.
Read full story
Marc Solomon's picture
When an Incident Happens, Do You Have What it Takes to Respond?
Marc Solomon - Malware
Lack of information, too much information and misinformation weaken our ability to detect and respond to a security incident.
Read full story