HackDig : Dig high-quality web security articles for hackers

Lock and Code S1Ep19: Forecasting IoT cybersecurity with John Donovan and Adam Kujawa

This week on Lock and Code, we offer something special for listeners—a backstage pass to a cybersecurity training that we held for employees during Cybersecurity Awareness Month, which ended in October. The topic? The future of cybersecurity for the Internet of Things. Our guests, Chief Information Security Officer John Donovan and Security Evangelist
Publish At:2020-11-09 15:23 | Read:425 | Comments:0 | Tags:Podcast cybersecurity awareness month elections hacking hosp

S3 Ep5: Chrome, Flash and malware for sale [Podcast]

byPaul DucklinIn this episode: a zero-day bug in Chrome for Android, the imminent death of Adobe Flash, the evolution of “malware-as-a-service“, and the malware risks from image search. Also (oh! no!), why you should take care before you pair.Presenters: Kimberly Truong, Doug Aamoth and Paul Ducklin.Intro and outro music: Edith Mudge.LISTEN NOWCl
Publish At:2020-11-05 12:12 | Read:290 | Comments:0 | Tags:Uncategorized Buer chrome Cybercrime Exploit Google malware

A week in security (October 26 – November 1)

We had a very busy week at Malwarebytes Labs. We offered advice on Google’s patch for an actively exploited zero-day bug that affects Chrome users, our podcast talked about finding consumer value in Cybersecurity Awareness Month with Jamie Court, we provided guidance about keeping ransomware cash away from your business, pointed out how scammers ar
Publish At:2020-11-02 15:41 | Read:360 | Comments:0 | Tags:Malwarebytes news covid-19 survey CVE-2020-14882 cybersecuri

S3 Ep3: Cryptography, hacking and pwning Chrome [Podcast]

byPaul DucklinThis week: the DOJ’s attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and (oh no!) why your vocabulary needs the word “restore” even more than it needs “backup”.Presenters: Kimberly Truong, Doug Aamoth and Paul Duck
Publish At:2020-10-23 08:18 | Read:437 | Comments:0 | Tags:Cryptography Google Google Chrome Podcast crypto Cybercrime

Zero-day attacks: the cyber equivalent of COVID-19

Cybersecurity has changed markedly over the last few years. The first malware dates back to the 1970s and led to the creation of the first antivirus -Reaper-, designed to detect computers infected with the malware Creeper and remove it. Since then, cybersecurity has become increasingly important and is now an essential consideration for any organization. Thi
Publish At:2020-08-28 18:29 | Read:530 | Comments:0 | Tags:Adaptive Defense Business Malware b2b covid-19 zero day cybe

A zero-day guide for 2020: Recent attacks and advanced preventive techniques

Zero-day vulnerabilities enable threat actors to take advantage of security blindspots. Typically, a zero-day attack involves the identification of zero-day vulnerabilities, creating relevant exploits, identifying vulnerable systems, and planning the attack. The next steps are infiltration and launch.  This article examines three recent zero-day atta
Publish At:2020-06-23 14:30 | Read:639 | Comments:0 | Tags:Exploits and vulnerabilities artificial intelligence EDR end

Global 1000 Security Execs: Mobile No Longer “The Forgotten Endpoint”

As the global leader in mobile security, Zimperium is proud of the companies and governments that trust us to protect their mobile endpoints and applications. Our customers are not only well-known for their brands, they are known for being some of the most sophisticated and knowledgeable security organizations in the world. We recently spoke with several of
Publish At:2020-05-24 07:37 | Read:698 | Comments:0 | Tags:Mobile Security coronavirus COVID-19 global 1000 Mobile secu

Windows has a zero-day that won’t be patched for weeks

byJohn E DunnCybercriminals are exploiting two unpatched zero-day flaws affecting all supported versions of Windows, Microsoft has warned.The Remote Code Execution (RCE) vulnerabilities affect Adobe Type Manager (ATM) Library, the part of Windows that manages PostScript Type 1 fonts.For now, there are no CVE identifiers and the only confirmed details are in
Publish At:2020-03-25 09:06 | Read:1084 | Comments:0 | Tags:Microsoft Operating Systems Security threats Vulnerability W

Zyxel 0day Affects its Firewall Products, Too

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patch
Publish At:2020-02-26 12:56 | Read:877 | Comments:0 | Tags:Latest Warnings Time to Patch 0day alex holden zero day ZyXe

Zyxel Fixes 0day in Network Storage Devices

Patch comes amid active exploitation by ransomware gangs Networking hardware vendor Zyxel today released an update to fix a critical flaw in many of its network attached storage (NAS) devices that can be used to remotely commandeer them. The patch comes 12 days after KrebsOnSecurity alerted the company that precise instructions for exploiting the vulnerabili
Publish At:2020-02-24 15:24 | Read:1121 | Comments:0 | Tags:Latest Warnings The Coming Storm Time to Patch 0day 500mhz a

The Godfathers of Virtualization Returning to VMWorld

Ian Pratt and Simon Crosby sold XenSource to Citrix in 2007. After working at Citrix, they decided to once again spin off and focus on cybersecurity. They are available to meet during VMWorld if you’d like to talk virtualization and security. We think of them as The Godfathers of Virtualization. They work they did with XenSource lead to what is today’s clo
Publish At:2017-08-15 17:35 | Read:6142 | Comments:0 | Tags:Company News application isolation browsing click cybersecur

ZPI: One approach to rule them all

Introduction In 1975, a book was published that changed the way we approach complex problems. Inspired on how nature works “Adaptation in Natural and Artificial Systems” set the bases of genetic algorithms. The release date of this blogpost is strongly linked to that book, it is a symbolic tribute to its author, John Henry Holland, who passed out
Publish At:2017-08-10 08:55 | Read:6439 | Comments:0 | Tags:Android iOS Mobile security Mobile Threat Defense Windows Ze

When All Else Fails in Cybersecurity, Application Isolation Does Not

We hear about cybersecurity fails all the time. We’re happy to tell you it doesn’t have to be that way. Application isolation and containment based on virtualization is delivering results. The NSA has called out this strategy as the way forward for stopping advanced threats. To many technology folks, Application Isolation may be a new term when
Publish At:2017-07-26 12:05 | Read:5238 | Comments:0 | Tags:Threats application isolation control demo government Isolat

From WannaCry to WannaSaveYou, Thanks to Adaptive Defense’s Visibility

Hacker groups have become highly trained organizations with access to very sophisticated and easily accessible tools and techniques. Cyberattacks have become professionalized and their economic profitability has been demonstrated countless times, turning it into a billion-dollar industry in recent years. Economic profit and jeopardizing the confidential data
Publish At:2017-05-16 00:50 | Read:3199 | Comments:0 | Tags:News Ransomware wannacry zero day

Zero-Day Exploits – Your Days are Numbered! [infographic]

News stories involving zero-day Windows kernel exploits seemingly never end. Fresh examples abound with alarming regularity and devastating effects, often involving defects with a dwell time of many months before they are formally addressed by patch updates. Despite a sustained focus by Microsoft on improving cybersecurity top to bottom, dubious new records
Publish At:2017-04-21 22:10 | Read:4455 | Comments:0 | Tags:Threats backlog exfiltrate kernel microsoft NSA operating sy

Tools

Tag Cloud