Women in Tech and Career Spotlight: Michal Pal

We continue our articles focusing on the themes of National Cyber Security Awareness Month with the first of a series of articles spotlighting some of the women who work at Imperva. I spoke to Michal Pal, automation group manager for the Imperva Incapsula product line and got to know about what...

Hunting Threats Before Threats Hunt Us

Remember file cabinets? Most businesses have auctioned them off or sent them home with employees. For many, paper is a thing of the past. An expansive communication network has collapsed a once-massive Earth into smartphones that fit into our pockets. Cloud computing has made all information...

Chris Brook Says Farewell to Threatpost

Mike Mimoso talks to Chris Brook who is leaving Threatpost after eight years. Chris recalls the early days of the site and his role in helping get it off the ground. He also talks about how security has evolved right alongside Threatpost. Music by Chris Gonsalves...

Cisco ASR 5500 System Architecture Evolution Gateway Denial of Service Vulnerability

Cisco ASR 5500 System Architecture Evolution SAE Gateways is a gateway device from Cisco.General Packet Radio Service GPRS Tunneling Protocol ingress packet handler is one of the General Packet Radio Service GPRS Tunneling Protocol ingress packet handlers. A denial of service vulnerability exists...

The vulnerability of the LTE component of the Android operating system from the CAF repository, which allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LTE component of the Android operating system exists due to insufficient verification of data related to the size of the frequency list. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the...

Friday Squid Blogging: Prehistoric Dolphins that Ate Squid

Paleontologists have discovered a prehistoric toothless dolphin that fed by vacuuming up squid: There actually are modern odontocetes that don't really use their teeth either. Male beaked whales, for example, usually have one pair of teeth that is only used to fight for females, whose teeth stay...

Threat Hunting for Dridex Attacks: Top Questions from Security Teams

Editor's Note: This article originally appeared on RedCanary.com. I recently spoke on a threat hunting webinar with our partner Carbon Black in which we dove into Dridex attacks: how they work, why they’re so effective, and how security teams can detect them through a proactive threat hunting...

The CIO Will Report to the CISO

Note: This article originally appeared on LinkedIn Pulse. If you disagree with me, please visit the LinkedIn post to join the 70+ comments we've gotten so far. As a community we need the open discussion to advance our collective thinking. If you agree, please like, comment and/or share the post...

Two New Platforms Found Offering Cybercrime-as-a-Service to 'Wannabe Hackers'

Cybercrime has continued to evolve and today exists in a highly organised form. Cybercrime has increasingly been commercialised, and itself become big business by renting out an expanded range of hacking tools and technologies, from exploit kits to ransomware, to help anyone build threats and...

Cleaning House: Maintaining an accurate and relevant vulnerability management program

When Nexpose launched in the early 2000s, technology was vastly different from the world we live in today: most people connected to the internet over dial-up modems, personal computers were shared within the household, and televisions were still set-top boxes. Technology has evolved dramatically...

So You Think You Can Spot a Skimmer?

This week marks the 50th anniversary of the automated teller machine -- better known to most people as the ATM or cash machine. Thanks to the myriad methods thieves have devised to fleece unsuspecting cash machine users over the years, there are now more ways than ever to get ripped off at the AT...

EternalPetya – yet another stolen piece in the package?

Since June 27th we have been investigating the outbreak of the new Petya-like malware armed with an infector similar to WannaCry. Since day one, various contradicting theories started popping up. Some believed that this malware is a rip-off of the original Petya, while others think that it is...

EternalPetya and the lost Salsa20 key

We have recently been facing a huge outbreak of a new Petya-like malware armed with an infector similar to WannaCry. The research is still in progress, and the full report will be published soon. In this post, we will focus on some new important aspects of the current malware. The low-level attac...

KSN Report: Ransomware in 2016-2017

This report has been prepared using depersonalized data processed by Kaspersky Security Network KSN. The metrics are based on the number of distinct users of Kaspersky Lab products with the KSN feature enabled, who encountered ransomware at least once in a given period, as well as research into t...

進化したウイルス対策

本記事は、 Microsoft Malware Protection Center のブログ “Antivirus evolved” 2017 年 5 月 8 日 米国時間公開 を翻訳したも...

Evolution Script CMS 5.3 Cross Site Scripting

Document Title: =============== Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2075 Release Date: ============= 2017-06-07 Vulnerability Laboratory ID VL-ID:...

Evolution Script CMS Version Detection

Detects the installed version of Evolution Script CMS. The script tries to detect the version of Evolution Script CMS remote host and sets the KB entries. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Evolution Script CMS Cross-Site Scripting Vulnerability

Evolution Script is managed by a team of professionals specializing in pay-per-click software development. A cross-site scripting vulnerability exists in the "status" parameter of the "Ticket Support" module of Evolution Script CMS version 5.3, which can be exploited by remote attackers to inject...

Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability

Document Title: =============== Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2075 Release Date: ============= 2017-06-07 Vulnerability Laboratory ID VL-ID:...

Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability

Document Title: =============== Evolution Script CMS v5.3 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2075 Release Date: ============= 2017-06-06 Vulnerability Laboratory ID VL-ID:...