It’s been a little over a month since several Trend Micro apps were kicked out of the Mac App Store by Apple over allegations of stealing user data, but several crucial questions remain unanswered. To recap, security researchers discovered that seven Trend Micro apps were collecting users’ browser data without notifying users (the vendor claims t

The Meltdown and Spectre vulnerabilities disclosed in early 2018 dominated much of the infosec discussions and news coverage last year, including those at RSA Conference 2018. But at this year’s event, speculative execution threats are virtually non-existent. RSA Conference 2019 has a single item on its agenda for speculative execution threats: a class

Even if you’ve set up parental controls on your devices, your teen is just as tech-savvy as you are, if not more. They’ve been raised in a digital age where surfing the web and social media use are second-nature. They can easily disarm a simple pop-up blocker or clear their browser history. So how do you protect them from the Internet when your original safe

Critical infrastructure is one of the favorite targets for the sophisticated attacks carried out by APTs (advanced persistent threats). What makes these APTs really dangerous is the fact that their attacks are never random, and always have a specific target. If an advanced cyberattack managed to paralyze the water supply, or interrupt hospital service, the A

Cybercriminals have a litany of techniques to get onto their victims’ IT systems: vulnerabilities, social networks, and even snail mail. The most popular method, however, is email: according to sources in the sector, 91% of cybercrime starts with a phishing email. Quasar: a new version of a popular tactic Towards the end of August, security researchers disco

I published the following diary on isc.sans.edu: “Agent Tesla Trojan Abusing Corporate Email Accounts“: The trojan ‘Agent Tesla’ is not brand new, discovered in 2018, it is written in VisualBasic and has plenty of interesting features. Just have a look at the MITRE ATT&CK overview of its TTP. I found a sample of Agent Tesla spr

Cisco fixed a vulnerability in IOE XE software that was introduced due to changes to its implementation of the BGP over an Ethernet VPN. Cisco patches a DoS vulnerability in IOE XE software that was introduced due to changes to its implementation of the Border Gateway Protocol (BGP) over an Ethernet VPN. The Cisco IOS XE operating system automates network op

It has happened, one of the most cyber-savvy states, Estonia decided to block Electronic ID Cards over identity theft risk. On Thursday, Estonia announced that it would suspend security digital certificates for up to 760,000 state-issued electronic ID-cards that are using the buggy chips to mitigate the risk of identity theft. The decision comes after IT sec

Experts discovered flaws in IEEE P1735 electronics standard, which describes methods for encrypting electronic-design intellectual property (IP). Crypto flaws in the IEEE P1735 electronics standard expose highly-valuable intellectual property in plaintext. The IEEE P1735 electronics standard provides recommendations on methods and techniques for encrypting e

I published the following diary on isc.sans.org: “Simple Analysis of an Obfuscated JAR File“. Yesterday, I found in my spam trap a file named ‘0.19238000 1509447305.zip’ (SHA256: 7bddf3bf47293b4ad8ae64b8b770e0805402b487a4d025e31ef586e9a52add91). The ZIP archive contained a Java archive named ‘0.19238000 1509447305.jar’ (SHA256: b161c7

OpenSSL patches two low and medium severity vulnerabilities that were discovered by using Google’s open source OSS-Fuzz fuzzing service. The medium severity vulnerability tracked as CVE-2017-3736 was addressed with the release of OpenSSL 1.1.0g and 1.0.2m. The flaw is a carry propagating bug in the x86_64 Montgomery squaring procedure, it affects processors

Oracle fixed a flaw in Oracle Identity Manager that was rated with a CVSS v3 score of 10.0 and can result in complete compromise of the software via an unauthenticated network attack. Oracle issued an emergency patch for a vulnerability in Oracle Identity Manager, the flaw tracked as CVE-2017-10151 was rated 10 in severity on the CVSS scale. “This Secu

While you use a tool every day, you get more and more knowledge about it but you also have plenty of ideas to improve it. I’m using Splunk on a daily basis within many customers’ environments as well as for personal purposes. When you have a big database of events, it becomes quickly mandatory to deploy techniques to help you to extract juicy inf

Security personnel at Heathrow Airport have an exciting investigation underway after confidential security documentation was found on a sidewalk in West London. An unnamed man, on his way to the library, spotted a thumb drive on the sidewalk in Queen’s Park, West London. He pocketed the USB drive and continued on his way. He remembered the USB drive a

In Case You Missed It Bromium recently engaged in a series of communications and events on the topic of Securing the Modern Endpoint, covering timely and provocative concepts including: How detection consistently fails to secure the enterprise and why new thinking is desperately needed How to realign your defenses around a modern threat risk model using few