Researchers at Kaspersky Lab and Microsoft have shared new insight into how malware campaigns operate over the Tor anonymity network, as well as other darknets.
Browsing Tag: Microsoft
Security researchers have been investing in developing exploits for Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), but hints are surfacing that hackers are taking notice too.
Starting a threat modeling system can seem daunting, but the good news is that there’s no one right way to do it, just the right way for a given organization.
Microsoft released a technical preview of EMET 5.0 that includes two new exploit mitigations, including Attack Surface Reduction which gives users more control where and when plug-ins are loaded into applications.
Despite all of the revelations and accusations and recriminations in the security industry in the last year, Microsoft CSO Scott Charney said he is still optimistic about the industry’s ability to defend users.
Researchers at Bromium Labs are expected to deliver a paper today that explains how they were able to bypass all of the memory protection mitigations in Microsoft’s Enhanced Mitigation Experience Toolkit
Microsoft made a Fix-It tool available as a temporary mitigation for a zero-day vulnerability in Internet Explorer 10. The zero day is being exploited by two hacker groups.
The Internet Bug Bounty program, a cooperative effort among security experts and vendors, paid out its first $10,000 bounty this week for a serious Flash vulnerability. The flaw, which Adobe fixed in December, was a serious one that has been used in targeted attacks. Started in November, the Internet Bug Bounty is a system set[…]
Windows Error Reporting, or Dr. Watson, can be used to detect advanced exploits targeting organizations by fingerprinting exploit behaviors and correlating those with system or application crashes.
There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page.