A new report from NSS Labs studies how various Web browsers perform when it comes to blocking socially-engineered attacks. The startling results show that Internet Explorer isn't just better than rival browsers like Chrome and Firefox -- but leaves competitors completely in the dust.
Tony Bradley | 15 Dec | Read more
For a brief period this week, cybercriminals managed to infect Google's and Microsoft's online ad networks with malicious advertisements that attacked users' PCs, according to security consultancy Armorize.
Robert McMillan | 13 Dec | Read more
WikiLeaks has been experiencing some issues lately ranging from having its Web hosting services shutdown to having its accounts frozen and the flow of money cut off. Some cheer those actions, while others see them as an attack on liberty and free speech and are coming to WikiLeaks' defense.
Tony Bradley | 08 Dec | Read more
McAfee today revealed its McAfee Threat Report for the third quarter of 2010. Information like that provided by McAfee in these quarterly reports is valuable for IT admins -- enabling them to keep a finger on the pulse of malware, and to stay in touch with emerging attack techniques and trends.
Tony Bradley | 18 Nov | Read more
After over 10 years of active participation in the honeypot community, I was surprised not to have heard of MicroSolved's HoneyPoint Security Server before I started planning this roundup. HoneyPoint runs on Windows, Linux, and Mac OS X, and offers some useful features -- such as "defensive fuzzing" and the ability to track alert status -- that KFSensor and Honeyd don't. But HoneyPoint is neither as easy and complete as KFSensor, nor as flexible and scalable as Honeyd.
Roger A. Grimes | 18 Nov | Read more
Trend Micro has released a tool that administrators can use to scan dozens of computers at a time for Stuxnet, the malicious software program that has raised widespread concern for its targeting of industrial systems made by Siemens.
Jeremy Kirk | 17 Nov | Read more
Security researchers, working with law enforcement and Internet service providers, have disrupted the brains of the Koobface botnet.
Robert McMillan | 13 Nov | Read more
The Black Hat security conference will kick off in Abu Dhabi on Monday with new information revealed about the Stuxnet malicious software program along with other cutting-edge research.
Jeremy Kirk | 06 Nov | Read more
Last week a malware threat emerged that impacted both Windows and Mac OS X systems. To be fair, the attack is more social engineering than PC exploit, but it impacts Mac OS X users just the same. ESET's David Harley has written a more detailed analysis of the Boonana threat, and identified some elements that are contrary to initial reports.
Tony Bradley | 03 Nov | Read more
A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear to have completely dissolved the Bredolab botnet, but it is unlikely to recover.
Jeremy Kirk | 29 Oct | Read more
Microsoft Security Essentials is fake. Well, it is and it isn't. Microsoft Security Essentials is a free antimalware protection program from Microsoft, but a new malware threat identified by security software vendor F-Secure is also masquerading as Microsoft Security Essentials. You want to avoid that one.
Tony Bradley | 23 Oct | Read more
In the course of researching and preparing volume 9 of the Security Intelligence Report, Microsoft analysts discovered an interesting trend. According to Microsoft's findings, attacks against Java have recently surged to unprecedented levels -- dwarfing attacks against Adobe PDFs.
Tony Bradley | 21 Oct | Read more
Everyone knows that the Mac OS X operating system is just inherently secure. Any Apple loyalist will gladly explain to you everything that is wrong with Microsoft Windows, and how happy they are with not having to worry about malware and exploits on their shiny new Mac. So, I guess Macs don't need security software and we have nothing left to talk about...
Tony Bradley | 21 Oct | Read more
A recently discovered category of malware -- advanced evasion techniques -- can sneak through most intrusion-prevention systems to deliver even well-known exploits such as Sasser and Conficker to targeted machines without leaving a trace of how they got there, researchers say.
Tim Greene | 18 Oct | Read more
Microsoft this week unveiled the ninth volume of its Security Intelligence Report (SIR). The semi-annual assessment of the state of computer and Internet security and overview of the threat landscape generally yields some valuable information. This particular edition of the Security Intelligence Report focuses its attention on the threat posed by botnets.
Tony Bradley | 16 Oct | Read more