Dennis Fisher

About

Dennis Fisher is a journalist with more than 13 years of experience covering information security.

Mitigating Web-Based Malware Attacks

In this Google Tech Talk, Neil Daswani, founder of Dasient and a former Google engineer, discusses the recent epidemic of attacks featuring legitimate Web sites that have been compromised by malware and what can be done to combat the threat.

Another Linux Kernel Flaw Emerges

Researchers have identified a new vulnerability in the Linux kernel that could enable an attacker to take complete control of a vulnerable system. The flaw is in all versions of the 2.4 and 2.6 Linux kernels. It is a NULL pointer dereference that derives from the kernel’s failure to validate a function pointer before dereferencing it. The flaw, discovered by two members of the Google security team, has been fixed by a patch for the Linux kernel that was made available Thursday.


As smartphones become even smarter, they are going to attract more and more attention from attackers, spammers and others looking to take control of the billions of mobile devices in use today, the head of Google’s Android security team said. In a talk at the USENIX Security symposium Wednesday, Rich Cannings acknowledged the danger that malware and other security threats pose to Android phones as well as other smartphones, Computerworld reports.

That giant sucking sound you hear is the steady stream of talented security people and experienced policy makers getting out of Washington as quickly as possible as the Obama administration continues to be paralyzed by indecision and a lack of direction regarding cybersecurity.

This short video demonstration shows a new technique for exploiting a flaw in Apple Safari 4 that enables an attacker to hijack the Top Sites feature in Safari and replace the victim’s Top Sites with phishing sites. The vulnerability and attack were discovered by Inferno.

This Google Tech Talk features researcher Nate Lawson discussing recent vulnerabilities in crypto libraries, why public key cryptography is like a Ford Pinto in a demolition derby and the password-hashing mess created by Web 2.0 sites.

Dennis Fisher talks with researcher Moxie Marlinspike about the innovative research on attacking the inherent weaknesses in the SSL infrastructure that he presented at Black Hat, and the tools he has released to demonstrate the attacks, SSLSniff and SSLStrip.

Twitter was the target of a sustained denial-of-service attack Thursday morning, an attack that took the site offline for several hours. Twitter’s service went down around 9 a.m. EDT and was back up around noon, while Facebook’s site also experienced problems that may have been the result of a DoS attack.