About
"Distrust and caution are the parents of security" - Benjamin Franklin
Howard Schmidt, former White House cybersecurity coordinator and Microsoft CSO, said executives need to be aware of the threats their companies face. “We have to understand that theft of intellectual property is different from trying to turn the lights out,” he said.
Costin Raiu, the head of the Kaspersky Lab Global Research and Analysis Team, Petr Merkulov, chief product officer, and CEO Eugene Kaspersky, discussed the need for better awareness of security threats and more comprehensive protection.
Kaspersky Lab convened a number of information security experts in New York City this week to discuss the effects of cyberespionage and targeted attacks on corporate America.
After pushing its “click-to-play” blacklisting function live last fall, Mozilla has announced plans to further implement the security feature in its Firefox browser.
A vulnerability exists in Ruby on Rails’ JavaScript Object Notation (JSON) code that could open the Web framework up to a slew of security problems. Patches were published yesterday, but if left unpatched, the vulnerability could let attackers bypass authentication systems, inject arbitrary SQL code, inject and execute arbitrary code and perform a denial of service attack on a Ruby on Rails app.
Search giant Google is planning a third iteration of its vulnerability-finding contest, Pwnium. This year’s competition is set to be held alongside next month’s CanSecWest security conference on March 7 in Vancouver, BC. Unlike last year’s inaugural Pwnium, which was parallel to CanSecWest’s older Pwn2Own competition, this year Google teamed up with HP’s Zero Day Initiative, the group behind Pwn2Own, to work on the contest’s outlines and “underwrite a portion of the winnings.”
WordPress pushed out version 3.5.1 of its open source blogging platform yesterday, fixing 37 bugs including several cross-site scripting (XSS) errors and a vulnerability that could have allowed an attacker to expose information and compromise an unpatched site.
In a video from this week’s DLD Conference, F-Secure’s Chief Research Officer Mikko Hypponen and Kaspersky Lab’s CEO Eugene Kaspersky discuss increased paranoia surrounding cyber warfare, the dangers of the internet and the evolution of hacking throughout the years.
Android.Troj.mdk, the Trojan botnet that last week was reported to have infected one million devices, mainly Chinese Android phones, is a new variant of a separate strain of malware, Backscript, researchers say.
Users looking for “cracked” Android files are in danger of running into a site that is peddling apps that are more or less a ploy to garner advertising clicks from unsuspecting users. The site, getwapi.com, boasts a collection of free, yet crooked looking downloads for Android phones including audio apps, Java apps, wallpapers, games and more.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
