Cyber Security News

Webstresser: When Platform Capitalism Goes Rogue

Cyber Security News - Tue, 07/24/2018 - 20:01
Platform criminality is leading to a rise in online services that offer easy access to malware and cybercrime expertise; We must move beyond a simplistic firefighting approach to cybercrime if we want to disrupt cybercrime supply chains. Earlier this year, an international law enforcement....
Categories: Cyber Security News

Virtualization-Based Security

Cyber Security News - Tue, 07/24/2018 - 20:01
Bromium micro-virtualization technology uses a Xen-based security-focused hypervisor we call the Bromium Microvisor. We take advantage of the hardware features that are built into Intel® and AMD® CPUs to run each task in a single-use hardware-isolated container.
Categories: Cyber Security News

Malware & Fileless Malware: How It’s Created, How It Spreads, and What To Do About It [On-Demand Webinar]

Cyber Security News - Tue, 07/24/2018 - 20:01
In this , experts in cybersecurity share their views on what’s going on with malware, and how it evolves to outsmart even your most elaborate defenses; Hear about the growing proliferation of “fileless malware” — malware that uses trusted programs in sinister ways, instead of delivering the usual....
Categories: Cyber Security News

Dissecting the POP SS Vulnerability

Cyber Security News - Tue, 07/24/2018 - 20:01
The newly uncovered takes advantage of a widespread misconception about behaviour of pop ss or mov ss instructions resulting in exceptions when the instruction immediately following is an interrupt. It is a privilege escalation, and as a result it assumes that the attacker has some level of control over a userland process (ring 3).
Categories: Cyber Security News

Bromium Secure Platform

Cyber Security News - Tue, 07/24/2018 - 20:01
The Bromium Secure Platform stops attacks and protects your endpoints using virtualization-based security. Every time a user opens a web page, downloads a file, or clicks on an email link, Bromium creates a micro-virtual machine, isolating each task and any malware it may contain.
Categories: Cyber Security News

Email Attachments

Cyber Security News - Tue, 07/24/2018 - 20:01
Employees must open email attachments to do their jobs. Cybercriminals know this, and have devised cunning ways to trick users into opening malicious attachments, bypassing layered defenses. Contain malware. Instantly isolate Outlook and webmail attachments in a secure, disposable micro-VM. Protect the host.
Categories: Cyber Security News

Cyber Attacks Spike in Finland Before Trump-Putin Meeting

Cyber Security News - Tue, 07/24/2018 - 20:01
The common use of the ports shown in the table below is an indicator of what the attackers are after. IoT devices are moving to SSH for remote administration because it’s more secure than Telnet—although “protecting” with default admin credentials doesn’t secure anything.
Categories: Cyber Security News

New Jenkins Campaign Hides Malware, Kills Competing Crypto-Miners

Cyber Security News - Tue, 07/24/2018 - 20:01
Indications of Compromise Files: a; config.json; cron.d; x; dir.dir; h32; h64; run; Java; upd; x86_64 (These files will most likely exist under /tmp/.tmp/ folder but finding these bunch in a different folder is a strong indication as well) logo.jpg – should be concerning if the file is an executable.
Categories: Cyber Security News

View Full Resources Center

Cyber Security News - Tue, 07/24/2018 - 20:01
Episode 32: MITRE ATT&CK™ Framework and the Mueller GRU Indictment In today’s ShadowTalk, we take on the Robert Mueller indictment against 12 Russian individuals for alleged US election interference. However, rather than dwell on issues of attribution and...
Categories: Cyber Security News

VIP Exposure

Cyber Security News - Tue, 07/24/2018 - 20:01
Protect Your Staff and Employees. Read Data Sheet VIPs and executives who are critical to your organization and brand can be targeted by threat actors. Angry employees, protesters and advanced persistent threat actors, intent on damaging reputations or exploiting data gaps, can gain access to sensitive company information.
Categories: Cyber Security News

Whitepapers & Reports

Cyber Security News - Tue, 07/24/2018 - 20:01
Digital Risk Protection 2018 Forrester New Wave Digital Shadows Named a "Leader" in 2018 Forrester New Wave for Digital Risk Protection The State of Cybercrime in the Post-AlphaBay and Hansa Age Underground Marketplace model in decline as cybercriminals switch to chat channels to trade illegal goods.
Categories: Cyber Security News

网络安全

Cyber Security News - Tue, 07/24/2018 - 20:00
该机器人可以像医生一样“望闻问切”,对程序进行显微镜级别的勘察,并完整“回放”其运作过程,因此,可以侦测出程序中的漏洞或隐蔽行为。 100 多家车厂的机密数据被泄露,包括通用汽车、菲亚特克莱斯勒、福特、特斯拉、丰田、蒂森克虏伯、大众等。 警方于2018年4月11日成功破获389万台肉鸡电脑挖矿大案,涉案案值高达1500余万元。近日,该案案情向公众披露。 黑灰产在世界杯期间利用谷歌、百度等搜索引擎以及各类网站的系统低危漏洞,突破规则约束和重重障碍,将非法赌博和彩票网站广告推送给用户移动端和 PC 端设备。 在智能时代,黑客黑掉一个扫地机器人和一个手机,可以看做是黑掉智能产品的肉体,而在人工....
Categories: Cyber Security News

wifi 二维码

Cyber Security News - Tue, 07/24/2018 - 20:00
研究人员发现,iOS 11 相机 app 扫描的 二维码 可能欺骗用户,扫描出来的网站信息与真正前往的网站信息不同。 经常走夜路的人,容易遇见鬼。对监测网络安全威胁的人来说,遇见一两个掉节操的攻击者,这绝对是大概率事件。 往年的春运抢票总是令人焦虑无比,不仅要拼网速、手速,还要挑战近乎玄学的 二维码. 央行出台条码支付新规利于银联扫 码 支付发展,微信绑定身份证拓宽国民级应用场景,支付宝发起“发红包赚赏金”活动,这场围绕支付入口的场景金融大战正如火如荼。 今日银联官网发布消息称,“云闪付”APP可一键查询多家银行卡余额,​已支持工行、中行、邮储、中信、兴业、浦发、光大、北京银行和上海银行....
Categories: Cyber Security News

微信机器人

Cyber Security News - Tue, 07/24/2018 - 20:00
2016-06-24 20:26. 傲客 导语:一个脑洞大开的程序猿写了用开源程序改了一个微信聊天机器人,然后......它就被玩坏了。 雷锋网按:本文作者傲客,i春秋授权雷锋网独家首发。 写在前面. 微信作为时下最in最热的移动端即时通讯App,把我们的工作和生活紧密联系到了一起。一个脑洞大开的程序猿写了 用开源程序改了一个微信聊天机器人 ,并且在不断调试中给它 赋予了n多好玩的功能譬如防撤回信息之类 。然后好死不死他在号称白帽黑客欢喜地的 “i春秋-信息安全魔法学院”微信群中做机器人的调试,于是分分钟被凶残的坏蛋们玩坏,这个小程序猿也被微信封号处理,结果顽强不息的程序员为了突破微信封锁又做....
Categories: Cyber Security News

Positive Technologies experts discover dangerous vulnerabilities in robotic vacuum cleaners

Cyber Security News - Tue, 07/24/2018 - 20:00
Vacuum cleaners can be used to eavesdrop, perform video surveillance, and steal private data. Positive Technologies specialists Leonid Krolle and Georgy Zaytsev have uncovered vulnerabilities in Dongguan Diqee 36 0 robotic vacuum cleaners. The security issues, found on Dongguan Diqee-branded....
Categories: Cyber Security News

Positive Technologies report: number of cyber incidents in Q1 jumped by 32 percent

Cyber Security News - Tue, 07/24/2018 - 20:00
Based on data from the first quarter of 2018, Positive Technologies analysts have identified a 32-percent increase in the number of unique cyber incidents compared to the equivalent period last year. Other findings include greater hacker interest in data and an increased use of malware in attacks, which has grown by 75% since Q1 2017.
Categories: Cyber Security News

Events list

Cyber Security News - Tue, 07/24/2018 - 20:00
Watch our webinar with Jimmy Jones, Telecom Business Development Lead for Positive Technologies in EMEA, in which he presents a proactive five-step approach to telecom security that can really make a difference. Protect your assets and subscribers from hacker attacks, prevent network downtime, stop....
Categories: Cyber Security News

PT-2017-52: Information Disclosure in Rockwell Automation Micrologix 1100 and 1400 PLC

Cyber Security News - Tue, 07/24/2018 - 20:00
Severity level. Severity level: High Impact: Information Disclosure Access Vector: Remote CVSS v3: Base Score: 9.8 Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) CVE: CVE-2017-7899. Vulnerability description. The specialists of the Positive Research center have detected an Information Disclosure....
Categories: Cyber Security News

ICS/SCADA

Cyber Security News - Tue, 07/24/2018 - 20:00
Industrial control systems (ICS) play an essential role in automating the critical processes that bring electricity and water to our homes, prevent mass transit gridlock, and ensure a steady flow of goods from our factories. But, unlike the isolated systems of the past, ICS are now highly automated,....
Categories: Cyber Security News

DHS’ Manfra says updates coming in 'six to nine months' to automated info-sharing system

Cyber Security News - Tue, 07/24/2018 - 19:59
Jeanette Manfra, a top Department of Homeland Security cybersecurity official, said today that DHS is working on “technical context” updates to its Automated Information Sharing system, with the changes expected to be integrated into the system within the next six to nine months.
Categories: Cyber Security News

Pages