Thousand of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills. Here’s a look at a recent survey that identified some of the bigger skills gaps, and some thoughts about how those seeking a career in these fields can better stand out from the crowd.
For several months I’ve been poking at a decent-sized spam botnet that appears to be used mainly for promoting adult dating sites. Having hit a wall in my research, I decided it might be good to publish what I’ve unearthed so far to see if this dovetails with any other research out there.
In late October 2016, an anonymous source shared with KrebsOnSecurity.com a list of nearly 100 URLs that — when loaded into a Firefox browser — each displayed what appeared to be a crude but otherwise effective “counter” designed to report in real time how many “bots” were reporting in for duty.
Here’s a set of archived screenshots of those counters illustrating how these various botnet controllers keep a running tab of how many “activebots” — hacked servers set up to relay spam — are sitting idly by and waiting for instructions.
I recently published a piece that examined the role of several Ukrainian men likely responsible for making and marketing the Styx Pack malware exploit kit. Today’s post will show how this same enterprise is linked to a DDoS protection scheme and a sprawling cybercrook-friendly malware scanning service that is bundled with Styx-Crypt.
It wasn’t long ago that I felt comfortable recommending CNET’s download.com as a reputable and trustworthy place to download software. I’m going to have to take back that advice: Unfortunately, CNET now is bundling invasive and annoying toolbars with much of the software on its site, even some open-source software whose distribution license prohibits such activity.
I first became aware of this after reading mailing list posting by Gordon “Fyodor” Lyon, the software developer behind the ever useful Nmap network security scanner. Lyon is upset because download.com, which has long hosted his free software for download, recently began distributing Nmap and many other titles with a “download installer,” that bundles titles with browser toolbars like the Babylon toolbar.