Browsing Author: Paul Roberts

Firms Need ‘Tough Love’ In Struggle Against APTs

Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers. 

Read more...

Black Hat: Phishing E-Mail Scare A False Alarm

The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered attendees received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.

Read more...

Black Hat: Phishing E-Mail Scare A False Alarm

The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered delegates to the Black Hat Briefings hacker conference in Las Vegas received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.

Read more...

Dropbox Users Cry “Spam!” Company Investigates

Support forums frequented by users of the online storage service Dropbox were alive with reports of spam e-mail messages sent to supposedly secret, Dropbox-affiliated addresses. The reports have raised the dark spectre of a data leak at the cloud based personal storage firm.

Read more...

Google Hardens Chrome To Block Malicious Extensions

Google says it has taken extra steps to counter the threat posed by malicious extensions to its Chrome Web browser, after incidents in which malicious extensions were used to power online scams.

Read more...

Password Leaks Continue: Billabong, NVIDIA Accounts Compromised

UPDATE: A string of high-profile hacks against online forums and companies continued on Thursday, with news that forums hosted by the technology firm NVIDIA as well as the surf-ware vendor Billabong.

Read more...

AndroidForums.com Hacked, User Credentials Stolen

An online forum for Android fans and developers was compromised and user account details stolen, according to a notice posted online on Tuesday.

Read more...

Microsoft Issues Kill Fix For Windows Gadgets

A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software “fix” that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.

Read more...