Google released the latest build of its browser Tuesday, Chrome 41.0.2272.76, patching 51 different bugs and paying out over $50,000 in bounties.
Browsing Author: Chris Brook
A new type of POS malware, LogPOS, is using technology that evades detection by letting the malware inject code while it shuttles stolen credit card numbers to its C+C server.
Attackers behind one of the more popular exploit kits, Angler, have added a tweaked version of an exploit from last fall, a use after free vulnerability in Microsoft’s Internet Explorer browser.
In addition to roughly 80 million Anthem customers, nearly 20 million more individuals who aren’t customers of the health insurer could ultimately wind up implicated in this month’s massive data breach.
More than one million different WordPress sites may be vulnerable to a critical plugin issue that could lead to SQL injections and in turn, total site takeover.
CloudFlare has deployed a new level of encryption on its service that hardens and speeds up users’ experience, especially when accessing domains via mobile browsers.
At last week’s Security Analyst Summit Kris McConkey, part of PricewaterhouseCoopers’ UK Cyber Threat Operations team, discusses OpSec failures: How attackers are still humans and make mistakes like sometimes using personal email addresses and real names in their campaigns.
In this video from last week’s Security Analyst Summit, HackerOne’s Katie Moussouris explains the main thing companies that want to start a bounty program or vulnerability incentive program need to know: There is no one size fits all.
Attackers have long used distributed denial of service attacks to knock domain-name servers offline but over the last several months malware creators have taken to using DNS requests to tunnel stolen data.
Staffan Truve spoke Monday at the Kaspersky Analyst Summit about the efforts his company Recorded Future is taking to index the dark web, or what he called the underbelly.