Source: Krebs on Security
Brian Krebs has a short piece on upcoming technology called BLADE, designed to specifically address the problem of drive-by downloads. The article includes some interesting data (in pie charts) on the kinds of things most widely exploited, and the most prevalent exploit kits.
Tuesday, 23 February 2010
Thursday, 4 February 2010
Climate Crime: Phishing Scam Cripples European Emissions Trading
Source: SPIEGEL ONLINE
Phishers have found a new target in their unending quest for a quick buck: greenhouse gas emissions allowances. I will refrain from further comment on the matter.
Phishers have found a new target in their unending quest for a quick buck: greenhouse gas emissions allowances. I will refrain from further comment on the matter.
Researchers penetrate last bastion of Windows security
Source: The Register
Researchers have found an effective technique called "JIT-spray" to work around the protections offered by ASLR (address space layout randomisation) and DEP (data execution prevention), which give Windows Vista and 7 greater protection against malware than was offered by earlier versions. This is significant, because it means a range of known vulnerabilities which were specific to Windows XP are now likely to work against Windows Vista and 7 machines.
Researchers have found an effective technique called "JIT-spray" to work around the protections offered by ASLR (address space layout randomisation) and DEP (data execution prevention), which give Windows Vista and 7 greater protection against malware than was offered by earlier versions. This is significant, because it means a range of known vulnerabilities which were specific to Windows XP are now likely to work against Windows Vista and 7 machines.
Report Details Hacks Targeting Google, Others
Source: Threat Level
Threat Level is running an interesting article on Advanced Persistent Threats (APT): targeted network attacks of the sort which Google disclosed recently. These stand in contrast to the rather more opportunistic threats posed by general malware and botnets. APT attackers intend to infiltrate a specific network and establish a foothold there, granting them unlimited access to documents and data hosted on the network. The practice is startlingly common, with a disproportionately large number of victims among companies which have dealings in or with China.
Threat Level is running an interesting article on Advanced Persistent Threats (APT): targeted network attacks of the sort which Google disclosed recently. These stand in contrast to the rather more opportunistic threats posed by general malware and botnets. APT attackers intend to infiltrate a specific network and establish a foothold there, granting them unlimited access to documents and data hosted on the network. The practice is startlingly common, with a disproportionately large number of victims among companies which have dealings in or with China.
Subscribe to:
Posts (Atom)
