About
Dennis Fisher is a journalist with more than 13 years of experience covering information security.
In the wake of Moxie Marlinspike’s SSL talk at Black Hat this summer, another security researcher has used the technique described in the talk to create and publish a valid wildcard certificate and private key that could be used to fool browsers into believing a site is legitimate when it is in fact a fake.
Online criminal gangs have begun using special malware that enables them to hide the amount of money that they’re stealing from victims’ online banking accounts, helping them evade detection for longer periods of time and extend the effectiveness of their crime sprees.
A team of computer scientists from several universities has devised an attack that is capable of reconstructing the so-called vanishing data objects created by a system called Vanish, which was designed to create secure data objects that would expire after a set time and could never be recreated.
Large enterprises and consumers have been dealing with sophisticated phishing scams, online extortion plots and other assorted theft schemes for years, but now attackers are turning their attention to the huge population of small businesses and non-profits in the U.S. And they are finding a gold mine.
Amit Yoran, CEO of NetWitness, is the former director of the National Cyber Security Division at the Department of Homeland Security and a longtime veteran of the security industry both inside and outside the Beltway. He spoke with Dennis Fisher recently about the current power vacuum in Washington on security matters and the priorities for the next cyber security coordinator.
The rash of attacks on social networking sites is continuing, this time in the form of a cross-site scripting worm that is currently plaguing Reddit, the popular social bookmarking portal. The Reddit attack is interesting in that it requires a minimum of user interaction in order to spread.
GENEVA — The attacks and scams that have been affecting users of Facebook, Twitter and other popular social networking sites are continuing to evolve and improve, as the attackers learn more about their victims and refine their tactics, experts say.
Digital Underground podcast with Dennis Fisher
Dennis Fisher talks with Stefan Tanase, senior security researcher at Kaspersky Lab, live from Virus Bulletin 2009 about the threats on social networking sites and the privacy and security concerns presented by Web 2.0 technologies. Here are the slides from Tanase’s presentation.
GENEVA — A more comprehensive and serious level of cooperation among industry leaders is needed to help stop the scourge of malicious Web ads and botnets that result from the infected PCs, a top Google executive said Wednesday.
There are security conferences, and then there is Virus Bulletin. While virtually all of the presentations are from researchers working at antimalware vendors and other security companies, the talks are quite technical and this year’s conference, which starts Wednesday in Geneva, Switzerland, features one most interesting speaker: Eric Davis of Google.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
