Adobe issued two security bulletins on Tuesday, fixing a critical security vulnerabilities in Shockwave Player, and another affecting its RoboHelp authoring product.
Browsing Category: SMB Security
By Rob LemosThere are a lot of good reasons to have remote-access software installed on a business network: It might be there to allow a remote administrator to manage a database; or to give a third-party point-of-sale management firm to apply patches; or even to allow a PBX vendor access to the server managing their client’s voice-over-IP lines. Unfortunately, through poor configuration, bad passwords or vulnerabilities, the software is also allowing attackers in to steal data and is becoming an increasingly popular attack vector.
DDoS attacks come in all shapes and sizes, and in a lot of cases, the victims of the attacks don’t much care who is executing the attack or why. They just know that their network is being overwhelmed with junk traffic. But the last year has seen a major volume of politically motivated attacks, and new research shows that as much as 35 percent of DDoS are the result of some political or ideological motivation.
A report from Web security firm zScaler finds that Web pages hosted by the firm Dreamhost are being redirected to a scam Web site in Russia following a hack of the company’s servers last month.
Join Paul Roberts, Threatpost editor, and his guests, Michael Guigli, CEO of CloudConnect and Tim Armstrong, Malware Researcher at Kaspersky Lab as they discuss Virtualization and the security challenges faced by small businesses.
Researchers at the security firm M86 report that hackers have compromised hundreds of Web sites that use the WordPress content management system. The sites, mostly small Web pages and blogs, are being used to fool spam filters and redirect unwitting visitors to drive by download Websites that will install malicious software on vulnerable systems.
Hundreds of government employees in Seattle, Washington received fraudulent emails yesterday that appeared to be traffic violation notifications but were, in fact, vehicles for infection by malicious software.
MIAMI BEACH–It’s been a decade now since Microsoft began focusing on product security as a top priority and there have been a lot of successes and some failures along the way. But in that time, one of the things that most definitely has changed as a result of the Trustworthy Computing program is how difficult and expensive it’s become for attackers to compromise Windows machines. That’s not to say, however, that the fight has been won. It’s only beginning, in fact, a senior Microsoft security official said.
New York City – Microsoft has proven that it can take down huge, global botnets like Kelihos, Rustock and Waldec. Now the company is ready to start making the data it acquires in those busts available to governments, law enforcement and customers as a real time threat intelligence feed.
As companies begin submitting their regulatory filings and financial reports from 2011, the SEC is pushing for more comprehensive data breach, cyber attack, and general risk-assessment disclosures.