Network Security

Network Security news, trend analysis and opinion

Most Android phones can be hacked with a simple MMS message or multimedia file

Vulnerabilities in the Android multimedia framework allow attackers to remotely compromise devices with ease, a researcher said

Researchers disclose four unpatched vulnerabilities in Internet Explorer

The reports contain limited information, making exploit development hard and unlikely


Measuring the Quality of Commercial Threat Intelligence

One person’s quality is another person’s fluff so objective measurements will be difficult. Threat intelligence quality may ultimately be gauged through crowdsourcing and threat intelligence sharing.

Former Hacking Team supplier stops selling zero-day exploits on ethical grounds

U.S.-based Netragard has terminated its zero-day exploit selling program in response to revelations about Hacking Team's customers

Report: Microsoft paying $320 million for cloud security provider Adallom

Adallom provides a range of security and data gathering tools to businesses

Cyberspies love exploits from Hacking Team leak

Advanced hacking group uses a second Flash exploit leaked from the surveillance software maker

Are There Differences Between Threat Intelligence Feeds?

Enterprise cybersecurity professionals find it difficult to judge the quality and efficacy of disparate open source and commercial threat intelligence. In the short term, this means more buying and selling.

Bogus news app used to deliver Hacking Team spy tool

Trend Micro found the app, along with exploit code and instructions, in the leaked data

New point-of-sale malware distributed by Andromeda botnet

Attackers use spam to infect systems with the Andromeda backdoor and then deploy GamaPoS on select point-of-sale machines

Encrypted Web and Wi-Fi at risk as RC4 attacks become more practical

Researchers show they can recover sensitive cookies from RC4-encrypted TLS connections in 75 hours

Oracle fixes zero-day Java flaw and over 190 other vulnerabilities

Users should update Java as soon as possible because attackers are already taking advantage of at least one vulnerability

Cybersecurity Lessons from W. Edwards Deming

Process problems are the biggest bottleneck to strong cybersecurity so CISOs must address these issues before layering on additional technology

Hacking Team's malware uses UEFI rootkit to survive OS reinstalls

The feature allows the company's software to persist even if the hard disk drive if replaced

Cyberespionage group Pawn Storm uses exploit for unpatched Java flaw

The exploit was used in attacks against the armed forces of a NATO country and a U.S. defense organization

Hacking Team's arsenal included at least three unpatched exploits for Flash Player

The vulnerabilities leveraged by two of the exploits have yet to be patched

Second Flash Player zero-day exploit found in Hacking Team's data

Adobe plans to patch the vulnerability next week, but attackers might move quicker

OPM director resigns after unprecedented data breach

Katherine Archuleta stands down a day after scale of the massive breach was made clear

Google fine tunes spam catching tools

Postmaster Tools aims to give admins greater insight into why messages may not get through

OPM hackers stole data on 21.5m people, including 1.1m fingerprints

Latest update reveals the massive size of the data breach

OpenSSL fixes serious flaw that could enable man-in-the-middle attacks

The vulnerability allows attackers to generate rogue certificates that pass OpenSSL's validation

Load More