At the Security Analyst Summit, Mark Dowd described how memory corruption mitigations are successfully driving up exploit development costs.
Browsing Author: Michael Mimoso
Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker.
Owners of Github repositories were the focus of a phishing campaign spreading the Dimnie information-stealing malware.
Researchers have disclosed a zero-day vulnerability and proof-of-concept exploit for a flaw in Microsoft IIS 6.0. The zero-day has been under attack since last July, the researchers said.
Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.
The FBI warned medical and dental offices running FTP servers in anonymous mode that criminals are targeting these installations and stealing personal healthcare information.
Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the sdclt.exe backup and restore utility to execute a payload without triggering an alert.
Today’s WikiLeaks Vault 7 Dark Matter release shows the CIA’s capabilities to attack and persist on Apple iPhone and Mac firmware and an apparent interdiction of the iPhone supply chain.
Bruce Schneier and Orin Kerr have written a paper that explains the technological and legal issues associated with six encryption workarounds available to law enforcement.
Jigsaw and Google said they would offer a free suite of security tools aimed at securing political elections.