Latest news

Attackers Targeting Microsoft Word Zero Day
Hacking

Attackers Targeting Microsoft Word Zero Day

Attackers are targeting a newly disclosed, unpatched vulnerability in Microsoft Word that can be used to install malware silently on victims’ computers. The attacks are using rigged Word documents attached to phishing emails, and when a victim opens one of the malicious documents, the embedded exploit code will immediately connect […]

On the Wire Podcast: Katie Moussouris
Hacking, Podcast

On the Wire Podcast: Katie Moussouris

Katie Moussouris has pretty much seen it all in her nearly two decades in the security industry as a pen tester, consultant, Microsoft employee, and many other roles. Now she’s putting that experience and knowledge to work helping governments and enterprises work out the problem of vulnerability disclosure and response […]

On the Wire Podcast: David Jacoby and Frans Rosen
Hacking

On the Wire Podcast: David Jacoby and Frans Rosen

Bug bounty programs are nature enough and lucrative enough that there are some researchers making a very comfortable living from them. But not every technology company has one, and not every researcher is looking to make money for themselves on these projects. David Jacoby of Kaspersky Lab and Frans Rosen […]

The Good, the Bad, and the Ugly of Software Export Controls
Hacking, Uncategorized

The Good, the Bad, and the Ugly of Software Export Controls

ST. MAARTEN–Perhaps no regulation has caused as much turmoil in the technology industry recently as the proposed export controls for intrusion software written by the Department of Commerce. The rules have broad implications for security researchers who rely on information sharing to do defensive work, and the potential restriction of […]

Inside the Total Compromise of a $25 Billion Bank
Authentication, Hacking

Inside the Total Compromise of a $25 Billion Bank

ST. MAARTEN–On a quiet Saturday afternoon in October 2016, security researchers in Latin America began noticing some odd behavior in the Brazilian banking system. Customers visiting the  website of one of the country’s larger banks were being hit with automatic malware downloads, but as the researchers began investigating the incident, […]

Researchers Tie Bank Attacks to North Korea
Authentication, Hacking

Researchers Tie Bank Attacks to North Korea

ST. MAARTEN–New details discovered in the investigation into the string of attacks on banks around the world using the SWIFT network show have linked the intrusions to attackers based in North Korea. Separate research conducted by experts at SWIFT, Kaspersky Lab, and BAE Systems uncovered a trail of clues that, […]

Highly Effective Phishing Attack Targets Corporate Travelers
Authentication

Highly Effective Phishing Attack Targets Corporate Travelers

Attackers are using the lure of airline reservations as part of a highly effective phishing campaign that researchers say is successful about 90 percent of the time. The campaign targets corporate victims, and the attackers behind it seem to be doing quite a bit of research before sending the phishing […]

Mirai Botnet Hammers College With Two-Day Attack
Device Security

Mirai Botnet Hammers College With Two-Day Attack

A newly discovered variant of the Mirai malware recently was used in a massive, sustained DDoS attack against a college in the United States, an attack that lasted more than two days. The Mirai malware has been involved in several of the larger DDoS attacks ever seen, including one that […]