Macro malware, a major threat in the 1990s, has recently returned to focus and is evolving, courtesy of tricks designed to better keep the malicious code hidden, Microsoft warns.
read more
F-Secure Enters Incident Response Arena
The focus of security is shifting from perimeter protection to network detection. Anti-virus at the perimeter is no longer enough, and the AV industry itself has long said that it should be part of a multi-layered defense. Now a major AV vendor is providing one of those additional layers with the launch of its own incident detection and response service.
read more
Security Resources: Don’t Put All Your Eggs in One Basket
Why Centralizing Enterprise Security Resources is Not a Great Idea
read more
Nuclear Exploit Kit Creators Make $100,000 Per Month
The lead developer of the Nuclear exploit kit is an individual located in Russia, and the group behind the crimeware makes roughly $100,000 per month, according to security firm Check Point.
read more
Office 365 Users Need Better Care of Sensitive Data: Report
Microsoft CEO Satya Nadella's transformation of the company from a staid desktop sales company into a dynamic cloud subscription company has been remarkable. By the number of enterprise users, Microsoft has become the most widely used cloud service provider in just two years. Perhaps unsurprisingly, because of its ease and ubiquity, OneDrive is the most used part of the Office 365 suite.
read more
Mysteries of the Panama Papers
Just as the story of the “Panama Papers” was about to die out, we in the security community are treated to new data, some celebrities and a manifesto. The leaked data from the Mossack Fonseca breach is supposed to illuminate dark corners of international tax evaders, but the story has many mysteries around it still.
read more
Windows Malware Tries to Avoid 400 Security Products
Malware authors are constantly trying to build their malicious files to remain undetected by security products and pack their malicious programs with anti-virus detection capabilities, but the newly observed "Furtim" malware is one of a kind in this regard.
read more
VMware Updates Products to Patch Critical, Important Flaws
VMware has released updates for several of its products to patch a couple of vulnerabilities rated critical and important.
The critical vulnerability is related to how the RMI server of Oracle JRE JMX deserializes authentication credentials. A remote, unauthenticated attacker can leverage the weakness to cause deserialization flaws and execute arbitrary commands.
read more
Google Cloud Platform Flaw Earns Researcher $5,000
Google has paid out $5,000 to a bug bounty hunter who discovered a serious vulnerability in the Google Cloud Platform.
Germany-based researcher Patrik Fehrenbach discovered that the Google Cloud Platform Console was plagued by a stored cross-site scripting (XSS) flaw.
read more
Most Android Devices Prone to Accessibility Clickjacking Attacks
Clickjacking attacks where users are tricked into enabling Android accessibility features are possible on a majority of devices, enterprise mobile security firm Skycure warned on Tuesday.
read more
