A security risk in extensible text editors enables hackers to abuse plugins and escalate privileges.
Browsing Author: Threatpost
Security community takes a critical look at CTS-Labs’ disclosure of AMD vulnerabilities found in EPYC servers, Ryzen workstations, and Ryzen mobile offerings.
Politicians, security researchers and others involved in the fight against cybercrime often compare the situation to efforts to combat traditional organized crime. Some of the tricks and tactics are comparable, and so are the motives, but there’s one major difference between the two groups: Cybercriminals have virtually no fear of being caught. The chances of a cybercriminal being caught, prosecuted and actually serving time in prison are incredibly small, especially in relation to the volume of cybercrime activity occurring today.
It can happen to anyone…and when it does it usually catches everybody – the victim and his relatives – completely unprepared. I’m talking about kidnapping. Twice in my life I’ve been involved in helping the police track down and arrest gangs of kidnappers. The first case didn’t directly affect me or my family, but the second time a close friend of mine was kidnapped. And it turns out that our work in tackling cybercrime can also be useful to catch criminals who seem to have little connection with high-tech wrong-doing.
Like every other security executive in the health care industry, Larry Whiteside, CISO of the Visiting Nurse Service of New York, spends much of his time dealing with compliance-related issues. But the distributed nature of his user population means that he has sensitive patient data on thousands of mobile devices all over the state. Learn how Whiteside balances compliance demands with security realities to keep data secure while maximizing efficiency.
Adobe vs. Microsoft on Security Response – Fri, March 6, 2009
Ryan and Roel discuss the latest zero-day vulnerabilities (and attacks) affecting Adobe and Microsoft customers and compare the response from the two software vendors.
The Kido Worm Attack – Fri, January 23, 2009
Ryan and Roel discuss the propagation techniques behind the Kido/Conficker worm attack and make important recommendations around protection and mitigation.
Emergency IE Patch – Fri, January 9, 2009
Ryan and Roel dissect the latest wave of malware attacks against Microsoft Internet Explorer browser and discuss the company’s plans to ship an emergency out-of-band update.
USB Malware Mess – Fri, November 28, 2008
The boys explain the latest news around Lenovo distributing malware-infected driver software and the network worm that forced the U.S. military to ban the use of USB drives and other forms of removable media.
Clickjacking: Ryan and Roel tackle browser-threat hype – Tue, October 21, 2008
The cross-browser clickjacking threat, malware on new Asus EEE machines, phishing and the elections/financial crisis, the iPhone security mess, Microsoft Patch Tuesday and the exploding fraudware/rogueware problems.