Adobe released its August software patches on Tuesday and immediately found itself in hot water with Google researcher Tavis Ormandy, who claims the firm is downplaying the extent of security flaws in its products.
Microsoft shipped 13 bulletins in the August edition of Patch Tuesday, including two critical fixes for the Internet Explorer Browser and for Windows DNS Server that the company warns could enable remote attacks.
Unlike MBR malware of a decade ago, the newest MBR malware is feature rich, with data stealing and remote control functionality built in.
DEFCON, the cash-only, aliases-welcome hacker conference took place in the moral vacuum of Las Vegas, Nevada this weekend, as it has every Summer since 1993. This year there was no shortage of controversial presentations and panel discussions. If you were short the airfare, the $150 entrance fee, gave up on the three hour line-ageddon to pick up your badge or – admit it – your boss (or spouse) just wouldn’t let you go, have no fear. The show was crawling with media, including computer security reporters and even the mainstream media (CBS and NPR were there). Here’s our round up of some of the major stories to come out of this year’s DEFCON conference.
A researcher has found evidence of thousands of compromised Wordpress blogs that are being used to insert malicious images into Google search results.
Hacker collectives, LulzSec and Anonymous claim to have compromised the servers of the Missouri Sheriff’s Association, posting some 10GB of sensitive data online.
By B.K. DeLongWith alleged Anonymous leadership such as Sabu and opponents such as th3j35t3r tweeting about their supposed shenanigans in Las Vegas, the question on everyone’s mind this week is whether Anonymous is truly walking the halls of this week’s Black Hat and DEFCON hacker conferences. Some believe the answer to that question is almost certainly ‘yes’ but not for the reasons you might think – here’s my opinion based on several discussions I’ve had throughout the week.
Security researchers at the Black Hat Briefings demonstrated a method for turning purloined credit card information into cash, this time using Square, a free credit card reader that promises to turn anyone with a mobile device into a merchant capable of accepting credit card payments.
LAS VEGAS–The way that things are right now in mobile security, there does not look to be much hope for keeping corporate and personal data secure. A panel of researchers who focus on looking for attacks and bugs at various levels of the mobile device and infrastructure said at Black Hat that there are so many ways an attacker can compromise phones from the infrastructure all the way down to the application level, defending against all of them is highly problematic.
We recently reported on a massive drive-by-download campaign affecting some 90,000 Web pages. In the less than two weeks since that report, the same campaign is now affecting more than six million pages.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
