Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers.
Browsing Author: paulroberts
The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered attendees received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.
The annual Black Hat Briefings hacker conference got off to a rocky start Sunday after thousands of registered delegates to the Black Hat Briefings hacker conference in Las Vegas received a fishy smelling “account password reset” e-mail that contained a suspicious URL. But a message from conference organizers hours later said the errant e-mail was no phishing attack, but merely an “abuse of functionality” by a bored Black Hat volunteer.
Microsoft researchers are warning about a new Trojan horse program for Android mobile devices that sends out premium SMS messages once installed.
Support forums frequented by users of the online storage service Dropbox were alive with reports of spam e-mail messages sent to supposedly secret, Dropbox-affiliated addresses. The reports have raised the dark spectre of a data leak at the cloud based personal storage firm.
Google says it has taken extra steps to counter the threat posed by malicious extensions to its Chrome Web browser, after incidents in which malicious extensions were used to power online scams.
UPDATE: A string of high-profile hacks against online forums and companies continued on Thursday, with news that forums hosted by the technology firm NVIDIA as well as the surf-ware vendor Billabong.
An online forum for Android fans and developers was compromised and user account details stolen, according to a notice posted online on Tuesday.
A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software “fix” that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.
The security firm Trusteer reports that new Web-based attacks are targeting Android smartphone users in a campaign to circumvent two-factor sign-on features used by many banks to protect account holders.