Browsing Category: Web Security

Financial Services Companies Facing Varied Threat Landscape

SAN FRANCISCO–Many of the stories about attacks on banks, payment processors and other portions of the financial services system around the world depict these intrusions as highly sophisticated operations conducted by top-level crews. However, the majority of the attacks these companies see aren’t much more advanced than a typical malware attack, experts say. “About two[...]

Read more...

Government, Private Sector Must Have a ‘Need to Share’ Mindset on Threats

Former DHS secretary Tom Ridge said at the Kaspersky Lab Cybersecurity Summit that U.S. critical infrastructure will be a target as long as the public and private sector balk on sharing attack and threat data.

Read more...

BlackBerry, Cisco Products Vulnerable to OpenSSL Bug

Vendors are continuing to check their products for potential effects from the OpenSSL heartbleed vulnerability, and both Cisco and BlackBerry have found that a variety of their products contain a vulnerable version of the software. BlackBerry on Thursday said that several of its software products are vulnerable to the OpenSSL bug, but that its phones[...]

Read more...

Cyber Intelligence Asia 2014: CERTs and Industrial Security

In March I spoke at Cyber Intelligence Asia 2014, where CERTs from most Asians countries were presented. The fact is that only a few CERTs are now dealing in some way with industrial security, ICS and SCADA matters. One of the best of those is CERT of Japan, which is doing a great job here,[...]

Read more...

Google Adds Continuous Monitoring of Android Apps

Google is adding a new security feature to Android designed to scan installed apps on a device and ensure that they’re not acting maliciously or taking unwanted actions. The system is built on Google’s existing app-verification model, which warns users if there’s a potential problem with an app they’re installing. The addition to Android’s security[...]

Read more...

What Have We Learned: OpenSSL Heartbleed Bug

There’s nothing the Internet loves more than a fat, juicy story that it can sink its sharpened, yellowing canines into. And for the security community, the OpenSSL heartbleed vulnerability has been the equivalent of a 72-ounce steak. But an Internet-breaking vulnerability like this one is no good unless we can learn something from it (or[...]

Read more...