I’m currently involved in a “DMZ Redesign” effort in a sufficiently large enterprise (800+ hosts in “the DMZ”) and I thought this might be an opportunity to reflect on some aspects of “DMZ networks” in a series of posts.
Some of you already know that, at ERNW, we have a tendency to discuss stuff starting with some f
A new Locky Ransomware variant has been spotted by researchers at Cyren, it uses DLLs for distribution.
The Locky Ransomware has been one of the most popular threats since its first detection in the wild in early 2016. The ransomware has evolved over time; crooks have improved it, adding new detection-evasion features and changing the distribution methods.
The Security Engineer April King from Mozilla has released the Observatory Tool, a free tool for the security assessment of websites.
Mozilla has launched the ‘Observatory,’ a tool developed by the Security Engineer April King that allows administrators and developers to test their websites.
“Observatory is a simple tool that allows site ope
Two major hotel chains are warning customers that their payment card details may have been compromised after discovering point-of-sale (PoS) malware infections on their systems. Millennium Hotels & Resorts (MHR) and Noble House Hotels and Resorts (NHHR) both announced the security incidents on Thursday following an alert from the U.S. Secret Service. The h
Starting with Firefox 50, the browser will feature improved mitigation against MIME confusion attacks, preventing a threat actor from disguising malicious code as other files, mostly images. Whenever the browser receives a file from the server, Firefox will check the server response for the Content-Type header, which tells it what kind of file it downloaded,
Ransomware often tries to disguise its malicious behavior by various tricks. The latest method observed is from a new variant called Fantom, which shows a fake Windows Update screen, while in reality, it's encrypting the user's files. The ransomware, spotted for the first time only a few days ago by AVG security researcher Jakub Kroustek, is coded on
Publish At:2016-08-27 00:55
In order to help webmasters better protect their websites and users, Mozilla has built an online scanner that can check if web servers have the best security settings in place. Dubbed Observatory, the tool was initially built for in-house use by Mozilla security engineer April King, who was then encouraged to expand it and make it available to the whole w
Whether they identify as white hats, black hats or something in-between, a majority of hackers agree that no password is safe from them — or the government for that matter. Regardless of where they sit with respect to the law, hackers mostly agree that five key security measures can make it a lot harder to penetrate enterprise networks. At the Black Hat U
Big data is best known for its volume, variety, and velocity -- collectively referred to as the "3 Vs" -- and all three of those traits make security an elusive goal. Targeting companies grappling with that challenge, the Cloud Security Alliance on Friday released a new report offering 100 best practices. As its name would suggest, the CSA focuses on prom
One security research company is taking a controversial approach to disclosing vulnerabilities: It’s publicizing the flaws as a way to tank a company’s stock. The security firm, MedSec, made news on Thursday when it claimed that pacemakers and other health care products from St. Jude Medical contain vulnerabilities that expose them to hacks. However, MedSe
The use of biometric data is on the rise, causing new security risks that must be assessed and addressed. The term “BYOB” might have more interpretations than you think. Increasingly, in the area of enterprise security and data, it could mean “bring your own body.” The use of biometric data, in both consumer and enterprise technology, i
Publish At:2016-08-26 23:05
Start saving now. The global cost of cybercrime could reach $6 trillion by 2021, according to a Cybersecurity Ventures report. A report out by Cybersecurity Ventures predicts global annual cybercrime costs will grow to $6 trillion by 2021. While a $6 trillion estimate might be a little high, “a trillion dollars plus is a real possibility,”
Publish At:2016-08-26 23:05
Victims of 'lawful intercepts' include human rights activists and journalists, researchers from Citizen Lab and Lookout say. Apple’s much vaunted reputation for security took a bit of a beating this week with two separate reports identifying serious vulnerabilities in its iOS operating system for iPhones and iPads. One of the reports, from security firm Loo
Publish At:2016-08-26 23:05
In March 2013, a coalition of spammers and spam-friendly hosting firms pooled their resources to launch what would become the largest distributed denial-of-service (DDoS) attack the Internet had ever witnessed. The assault briefly knocked offline the world’s largest anti-spam organization, and caused a great deal of collateral damage to innocent bystan
The number of students taking GCSE computing rocketed by 76% over the past year, fuelling hopes that this could translate into more UK school leavers pursuing careers in cybersecurity. In total, entry numbers for the course jumped from around 35,500 in 2015 to 62,500 this year. Kaspersky Lab UK & Ireland general manager, Kirill Slavin, argued that the
Publish At:2016-08-26 18:05