Endpoint Security Testing Matters: New NSS AEP Test Results

NSS Labs, Inc. has just released the 2018 edition of their Advanced Endpoint Protection testing, and Trend Micro’s endpoint solutions have performed very well, resulting in a “recommended” rating. We had strong performance on “security effectiveness,” meaning that we detected and blocked threats...

This Week in Security News: Bank Robberies and Whaling

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, business leaders share their tips on keeping their companies safe, hackers stole from a Russian central bank, and Google reveals a new...

Trend Micro Achieves “Recommended” Rating from NSS Labs in Data Center IPS Group Test

One of the key use cases for our customers is the protection of their data center environments, which can involve moving off the perimeter into the data center or segmenting their data center from the rest of the organization. It is imperative that a data center security solution not only deliver...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 6, 2017

I started a 14-day detox this week that eliminates common food allergens and hormones. It’s going to be two weeks of no fun, but it’s good to give your body a little reset. Plus, I’ll be done just in time for the Thanksgiving holiday. Eliminating toxins from your body can be compared to eliminati...

Trend Micro TippingPoint 8400TX Threat Protection System Receives “Recommended” Rating from NSS Labs

Organizations today are faced with an unenviable task: meeting market demands for continuous innovation and growth while keeping key systems and data safe from a growing range of cyber threats. To add to this already monumental task, it must all be done without disrupting network performance or...

Trend Micro Top Again for Breach Detection, Says NSS Labs

In spite of a rapidly evolving landscape, data breaches remain among the most common and damaging cyber-threats facing organizations today. As digital transformation efforts take hold, so the corporate attacks surface grows, offering more opportunities for the bad guys to take aim at highly prize...

Duqu Analysis and Detection Tool by NSS Labs

Duqu Analysis and Detection Tool by NSS Labs NSS Labs has built a new, free tool that detects known and newly created Duqu drivers that have infiltrated systems, thus allowing security experts to further analyze the "functionality, capabilities and ultimate purpose of DuQu.". The Tool is availabl...

Duqu Analysis and Detection Tool by NSS Labs

Duqu Analysis and Detection Tool by NSS Labs NSS Labs has built a new, free tool that detects known and newly created Duqu drivers that have infiltrated systems, thus allowing security experts to further analyze the "functionality, capabilities and ultimate purpose of DuQu. ". The Tool is availab...

NSS Labs offers Bounties for exploits

NSS Labs offers Bounties for exploits ExploitHub, which operates a penetration-testing site and is run by NSS Labs, announced a bug-bounty program for researchers to develop exploits for 12 high-value vulnerabilities in Microsoft and Adobe products. The company, which has set aside $4,400 in rewa...

NSS Labs offers Bounties for exploits

NSS Labs offers Bounties for exploits ExploitHub, which operates a penetration-testing site and is run by NSS Labs, announced a bug-bounty program for researchers to develop exploits for 12 high-value vulnerabilities in Microsoft and Adobe products. The company, which has set aside $4,400 in rewa...

ExploitHub Offering Bounties – And Residuals – for Exploits

NSS Labs’ announced today that their penetration-testing site, Exploithub, will be offering bounties to researchers for developing exploits for12 high-value vulnerabilities. Exploithub is putting up $4,400 for working exploits against what the company describes as a “dirty dozen” of client-side...

IE 9 Catches Most Web-Based Malware Attacks, Test Shows

A new report shows that the latest version of Internet Explorer, equipped with some new anti-malware functionality, catches more Web-based malware attacks than any of the other major browsers on the market. IE 9 caught nearly 100 percent of the attacks thrown at it in a new test done by NSS Labs...

Internet Explorer 9 Rated Tops in Blocking Malware

In a test designed to analyze various Web browsers’ abilities to protect European users against socially engineered malware attacks, researchers at NSS Labs determined that Internet Explorer 8 and 9 were significantly more effective at curbing malicious downloads than were the other major browser...

Anymacro Mail System G4X email server web interface directory traversal vulnerability

Overview Anymacro Mail System G4X email server web interface contains a directory traversal vulnerability. Description According to Anymacro's website: Anymacro Mail System is a professional e-mail and unified messaging product solution. Anymacro Mail System can be used for an e-mail platform for...

Researcher Says Siemens Downplaying Serious SCADA Holes

Dillon Beresford, the NSS Labs researcher who disclosed serious holes in industrial control system software from Siemens says the company is downplaying the seriousness of the vulnerabilities in its public statements, and that a supposed “fix” for the vulnerabilities is inadequate. In a message...

Metasploit Holding On Siemens Exploits

UPDATE: A week after a security researcher decided to cancel a technical discussion of security holes in industrial control software from Siemens, Inc., public exploits for the vulnerabilities are on hold while the company works to shore up systems running its Simatic programmable logic controlle...

WellinTech KingView 6.53 remote heap overflow vulnerability

Overview WellinTech KingView 6.53 contains a remote heap overflow vulnerability in the HistorySrv process which may allow a remote, unauthenticated attacker to execute arbitrary code. Description According to WellinTech's website: "King V iew software is a high-pormance production which can be us...

Researcher: Holes Abound in Chinese SCADA

The researcher who discovered a hole in a prominent SCADA software package used in China claims that holes in the country’s SCADA systems aren’t uncommon, and blames a lack of transparency for the vulnerabilities. A security researcher at NSS Labs who disclosed a critical vulnerability in a popul...

Exploit Hub Aims to be iTunes for Exploits

It’s been tried before, but NSS Labs founder Rick Moy says his company’s new Exploit Hub – a store front for exploit code – can work. In an interview with Threatpost.com, he explains why the current market for exploits doesn’t work for the good guys, and why zero day exploits don’t help anyone...

Microsoft Says Google Chrome Frame is IE Security Risk

Google’s decision to introduce a plug-in that runs Google Chrome inside Microsoft’s Internet Explorer isn’t sitting well with the folks at Redmond. The Google Chrome Frame, which is presented as a seamless way to bring Google Chrome’s open web technologies and speedy JavaScript engine to Internet...