As the clock winds down on the comment period for the United States government’s proposed implementation of the Wassenaar Arrangement export controls for intrusion software, Google officials say that the rules would have a “significant negative impact” on security research. The Department of Commerce’s Bureau of Industry and Security has proposed a set of regulations[…]
Yet another group of attackers has quickly cashed in on one of the Adobe Flash zero days uncovered in the HackingTeam leak and is leveraging it to target Japanese organizations.
UPDATE–Researchers at Rook Security have released a new tool that looks for HackingTeam malware on target systems, and also have published a set of indicators of compromise to help organizations look for signs of an infection from the intrusion software.
At Black Hat, researchers from OpenDNS are expected to launch a new Twitter feed called BGP Stream that will send out alerts on possible BGP and DNS hijacking attacks.
Netragard, one of the small number of companies that buys and sells exploits, has shut down its exploit acquisition program in the wake of the HackingTeam breach.
Dennis Fisher and Mike Mimoso talk about all of the patches from Microsoft, Adobe and Oracle, the Flash security saga and the Darkode forum takedown.
Hardware hacker Samy Kamkar has developed an anonymization device called ProxyGambit that improves upon ProxyHam, the device that was supposed to be unveiled at DEF CON.
iSight Partners provides details on an Office zero day patched this week that was used by the prolific APT 28 gang.
Google is expanding the use of its Safe Browsing mechanism to warn users about a broader variety of unwanted software, in addition to the warnings they see regarding phishing pages, malware, and other threats.
A slew of routers manufactured in China are fraught with vulnerabilities, some which have existed in products for as long as six years.