10 Endpoint Security Problems Solved by the Cloud – An Introduction

Question: Where do 70% of successful breaches begin? Answer: The endpoint. The State of Endpoint Security Traditional defensive security solutions are fighting a losing battle against hackers and malware. With each day, new attacks and viruses appear and keeping systems safe is like bailing out a...

CVE-2017-17689

The S/MIME specification allows a Cipher Block Chaining CBC malleability-gadget attack that can indirectly lead to plaintext exfiltration, aka EFAIL...

Riccardo Di Blasio joins Wallarm as an advisor

We are excited to welcome Riccardo Di Blasio to Wallarm advisory team. Riccardo is a well known industry executive who brings his experience running go-to-market operations and managing business worldwide for large internationals like EMC Corp and VMware, including RSA Security. Riccardo’s...

Vega Stealer Malware Takes Aim at Chrome, Firefox

A malware dubbed Vega Stealer has been uncovered, looking to make off with saved credentials and credit-card information in the Chrome and Firefox browsers. While it’s a simple payload for now, researchers said it has the ability to evolve into something more concerning in the future. Proofpoint,...

Secrets of the Wiper: Inside the World's Most Destructive Malware

Shamoon, Black Energy, Destover, ExPetr/Not Petya and Olympic Destroyer: All of these wiper malwares, and others like them, have a singular purpose of destroying systems and/or data, usually causing great financial and reputational damage to victim companies. However, the threat actors behind thi...

Securing the Connected Industrial World with Trend Micro

At Trend Micro we’ve made it our business over the past 30 years to anticipate where technology is taking the world. That’s why our message has evolved over that time from Peace of Mind Computing to Your Internet Firewall and most recently Securing Your Journey to the Cloud. Well, we know that...

GravityRAT - The Two-Year Evolution Of An APT Targeting India

This blog post is authored by Warren Mercer and Paul Rascagneres. Update: 4/30 Since the publication of the blog post, one of the anti-VM capability was commented a lot on Twitter: the detection of Virtual Machines by checking the temperature of the system. We decided to add more details and...

Eliminating Dwell Time with Cb Response and Red Canary

How Can I Efficiently Organize and Lead the People on My Team? Organizing your team to protect your environment with agility is a difficult task with all the varied skills and challenges related to traditional security operations center SOC structures. We asked our partners at Red Canary, who eve...

Solaris 10 (x86) : 119118-52

Evolution 1.4.6x86 patch. Date this patch was last updated by Sun : Apr/23/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

The role that regions can and should play in critical infrastructure protection

Todays report, Critical Infrastructure Protection in Latin America and the Caribbean 2018, developed in partnership between Microsoft and the Organization of American States OAS, demonstrates the value of regional cooperation in global efforts to increase the security of the online environment...

Threat Analysis: ROKRAT Malware

ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...

The Evolution of Ransomware

While many businesses and individual users understand that ransomware isn't a new threat, many don't actually know how long this particular infection style has been utilized by hackers. The first attacks took place more than a decade ago, and since then, ransomware authors have only become more...

The New Cyber Landscape: More Threats, But Fewer Security Professionals

Great news: If you're a security professional, your skills have never been more in demand. On the flip side, if you're looking for security talent, the search will likely be lengthy and difficult. ISACA predicts that by 2019 there will be a shortage of two million cyber security professionals...

3 reasons the ransomware threat will continue in 2018

Ransomware has been on the scene for more than a decade now, and thanks to increasingly sophisticated samples that attack victims across nearly every country, it's become a global threat. According to CSO, ransomware has a longer history than many realize. While large-scale attacks reached the...

OWASP Top 10 2017 is Released

The Journey to the New and Improved Ten Most Critical Web Application Security Risks It was not too long ago that protecting your web server infrastructure consisted of simply placing the servers in their own zone behind the firewall and just opening a couple of ports. Outside of endpoint...

Kaspersky Security Bulletin: Story of the year 2017

Download the Kaspersky Security Bulletin: Story of the year 2017 Introduction: what we learned in 2017 In 2017, the ransomware threat suddenly and spectacularly evolved. Three unprecedented outbreaks transformed the landscape for ransomware, probably forever. The attacks targeted businesses and...

methodsinecologyandevolution.org XSS vulnerability

Open Bug Bounty ID: OBB-429380 Description| Value ---|--- Affected Website:| methodsinecologyandevolution.org Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...

Women in Tech and Career Spotlight: Shu White

Up next in our series featuring women in technology at Imperva is a spotlight on Shu White, the company’s vice president and deputy general counsel. Hailing from a legal background, I found her perspective particularly unique. Read below for Shu’s take on the cybersecurity industry, the inspiring...

APT Trends report Q3 2017

Introduction Beginning in the second quarter of 2017, Kaspersky's Global Research and Analysis Team GReAT began publishing summaries of the quarter's private threat intelligence reports in an effort to make the public aware of what research we have been conducting. This report serves as the next...

Excerpts from The Ransomware Economy: Emergence and Innovation

Carbon Black recently published an investigative report on the Dark Web marketplace for ransomware. This is an excerpt from that report, which you can find here. For more information about the rise of ransomware, and what you can do about it, check out the Future-Proof Your Ransomware Prevention...