Officials at Huawei Technologies say that they’re looking into claims by security researchers made at DEF CON last week that there are a handful of serious security vulnerabilities in some of the company’s routers. Saying it employs “rigorous security strategies and policies” Huawei is trying to verify the flaws discovered by researchers Felix “FX” Lindner and Gregor Kopf.
Google has released Chrome 21, the most recent stable version of its flagship browser. The new release includes more than two dozen security fixes, among them patches for six high-priority flaws.
Attackers are now using DDoS services that offer attacks on telecommunication systems as part of larger attack schemes. These attacks, known as TDoS attacks, can be a relatively cheap option for cybercriminals looking into diversifying their attack vectors.
The number of SQL attacks jumped by nearly two thirds earlier this year according to cloud hosting firm FireHost who recorded over 450,000 blocked SQL injection attacks between the first and second quarter this year.
Microsoft gave its users steps earlier this week to sidestep a vulnerability in one of Oracle’s Outside In libraries. The company published some mitigations for the bug, but said it isn’t aware of any active attacks against it yet.
In concert with the release of their highly anticipated Mountain Lion OS X, Apple also updated their Web browser, Safari, including a number of security fixes.
Nearly one-third of all recalled medical devices contain computers, and half of those are recalled because of computer-related problems, according to a recent study.
Black Hat is upon us and, with it, a lot of chatter about the dangers posed by so-called “APT,” or advanced persistent threats. Rather than get trapped in the hype bubble, Threatpost editor Paul Roberts took the opportunity to check back in with a recognized expert on detecting and combating APT-style attacks: Amit Yoran, the former CEO of NetWitness Corp. and now a Senior Vice President at RSA, The Security Division of EMC. Yoran says that the darkest days may yet be ahead in the fight against APT style attacks, with mounting attacks and a critical shortage of security talent. To cope, both private sector firms and the government need to stop fighting the last war and pivot to the kinds of practices and monitoring that can spot sophisticated attackers.
Dennis Fisher talks with botnet researcher Jose Nazario about whether botnet takedowns are worth the effort, the evolution of attack techniques and whether we can ever get the upper hand on attackers.
A new survey shows that 50 percent of employees think that their company has been the victim of a targeted attack. Security firm Proofpoint found in its survey that these targeted attacks continue to be a nuisance, affecting both small and large organizations.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
