Category Archives: A Little Sunshine

Includes investigative blog posts meant to shine a light on the darker corners of the Internet.

MalCon: A Call for ‘Ethical Malcoding’

August 24, 2010

I was pretty bummed this year when I found out that a previous engagement would prevent me from traveling to Las Vegas for the annual back-to-back Black Hat and Defcon security conventions. But I must say I am downright cranky that I will be missing MalCon, a conference being held in Mumbai later this year that is centered around people in the “malcoder community.”

According to the conference Web site, MalCon is “the worlds [sic] first platform bringing together Malware and Information Security Researchers from across the globe to share key research insights into building the next generation malwares. Spread across the world, malcoders now have a common platform to demonstrate expertise, get a new insight and be a part of the global MALCODER community. This conference features keynotes, technical presentations, workshops as well as the EMERGING CHALLENGES of creating undetectable stealthy malware.”

Anti-virus Products Struggle Against Exploits

August 23, 2010

Roughly half of the exploits tested were exact copies of the first exploit code to be made public against the vulnerability. NSS also tested detection for an equal number of exploit variants, those which exploit the same vulnerability but use slightly different entry points in the targeted system’s memory. None of the exploits used evasion techniques commonly employed by real-life exploits to disguise themselves or hide from intrusion detection systems.

Among all ten products, NSS found that the average detection rate against original exploits was 76 percent, and that only three out of ten products stopped all of the original exploits. The average detection against exploit variants was even lower, at 58 percent, NSS found.

Spam King Leo Kuvayev Jailed on Child Sex Charges

August 11, 2010

A man identified as one of the world’s top purveyors of junk e-mail has been imprisoned in Russia for allegedly having sex with underage girls, KrebsOnSecurity.com has learned.

According to multiple sources, Leonid “Leo” Aleksandorovich Kuvayev, 38, was sent to a prison in the Russian Federation roughly six months ago. It is not clear how long his sentence is or precisely where he is being held.

Shunning and Stunning Malicious Networks

August 10, 2010

McAfee just published the sixth edition of its Security Journal, which includes a lengthy piece I wrote about the pros and cons of taking down Internet service providers and botnets that facilitate cyber criminal activity. The analysis focuses on several historical examples of what I call “shuns” and “stuns,” or taking out rogue networks either by ostracizing them, or by kneecapping their infrastructure in a coordinated surprise attack, respectively.

Anti-virus Products Mostly Ignore Windows Security Features

August 3, 2010

I recently highlighted a study which showed that most of the top third-party software applications failed to take advantage of two major lines of defense built into Microsoft Windows that can help block attacks from hackers and viruses. As it turns out, a majority of anti-virus and security products made for Windows users also forgo these valuable security protections.

Experts Warn of New Windows Shortcut Flaw

July 15, 2010

Researchers have discovered what appears to be a sophisticated new strain of malicious software that piggybacks on USB storage devices and leverages a previously unknown security vulnerability in the way Microsoft Windows processes shortcut files.

USB-borne malware is extremely common, and most malware that piggybacks on USB and other removable drives traditionally has taken advantage of the Windows Autorun or Autoplay feature. But according to VirusBlokAda, this strain of malware leverages a vulnerability in the method Windows uses for handling shortcut files.

Top Apps Largely Forgo Windows Security Protections

July 1, 2010

Many of the most widely used third-party software applications for Microsoft Windows do not take advantage of two major lines of defense built into the operating system that can help block attacks from hackers and viruses, according to research released today.