Dell said human error was to blame for mistakes which led it to ship a
number of replacement server motherboards to customers pre-loaded with
spyware. The company declined to say whether it was running anti-virus
software at its factory but said it had taken 16 steps to improve
processes. Read the full article. [The Register]
Slovenian police have arrested four suspects over allegations that they developed the Mariposa botnet malware. Read the full article. [The Register]
Just days after Colorado officials warned businesses about scammers who are forging corporate identities to commit financial fraud, an official in Georgia said the same has been happening in that state as well. Read the full article. [Computerworld]
Renowned researcher HD Moore next week will
reveal how a misconfiguration by developers using the VxWorks operating
system found in many embedded systems has left a trail of vulnerable
products across various vendors’ products. Read the full article. [Dark Reading]
At next week’s Black Hat security conference, researcher Jeremiah Grossman plans to detail
critical weaknesses that are enabled by default in major browsers–IE, Safari, Firefox and Chrome– and include vulnerabilities that have yet to be
purged by the respective browser makers despite months and years of notice. Read the full article. [The Register]
A zero-day flaw being used in targeted attacks
against organizations worldwide has
security experts worried that the threat could spread further. Concerns
about additional attacks using the “LNK” vulnerability in
Windows machines prompted the SANS
Internet Storm Center today to raise its Infocon alert level to
“yellow,” up from “green,” or normal, status.
Read the full article. [Dark Reading]
Millions of household routers are susceptible to a flaw that creates a
handy means for hackers to hijack surfing sessions or hack into home
networks. Read the full article. [The Register]
A currently spamvertised malware campaign is brand-jacking Amazon.com,
in an attempt to trick end users into visiting a client-side exploits
serving URL. Read the full article. [ZDNet]
A well-known cryptographic attack could be used by hackers to log into
Web applications used by millions of users, according to two security
experts who plan to discuss the issue at Black Hat. Read the full article. [Computerworld]
Instead of indicating password quality via coloured bars, the Windows crypto tool Thor’s Godly Privacy (TGP) informs users about the estimated time required for a successful brute-force attack on the chosen password. Read the full article. [The H Security]
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
