Dennis Fisher

About

Dennis Fisher is a journalist with more than 13 years of experience covering information security.

Possible New Rootkit Has Drivers Signed by Realtek

Security researchers have identified a new suspicious program that is copying itself to PCs via USB mass storage devices and is digitally signed with the certificate of Realtek Semiconductor, a major manufacturer of computer products based in Taiwan.


Spammers and the botnet operators they’re allied with are continuing to adapt their techniques to evade security technologies, and now are using what amount to disposable domains for their activities. A new report shows that the spammers are buying dozens of domains at a time and moving from one to another as often as several times a day to prevent shutdowns.

This is a recording of a live chat session with the technical support agent associated with a rogue AV program. The session was recorded by Nicolas Brulez, a security analyst at Kaspersky Lab.

Marc Maiffret, a security researcher known for his controversial opinions on software security and his efforts to get Microsoft specifically to improve the security of its products, is returning to eEye Digital Security, the vulnerability management company he helped found more than a decade ago. After several years away from the security game and a short stint with anti-malware vendor FireEye, Maiffret said that he was eager to get back into the research game, which has changed dramatically since his early days at eEye.

A new report shows that the number of reported vulnerabilities in major commercial software products is accelerating, and that Apple’s products now have more vulnerabilities than those of any other major vendor. Perhaps more important, though, is the fact that third-party applications now account for the vast majority of flaws on most computers.

A security expert has released a stripped-down Ubuntu distribution designed specifically for reverse-engineering malware. The OS, called REMnux, includes a slew of popular malware-analysis, network monitoring and memory forensics tools that comprise a very powerful environment for taking apart malicious code.