April 19, 2012 - Even as the latest breach headline fades away, we all know there is another waiting in the wings. How can organizations protect themselves? There is no panacea for securing a payment environment, and implementing advanced technology alone will not make (continue reading...) Read more
April 17, 2012 - Today’s blog is a quick follow up to the OSX.Flashback.K issue. The statistics from our sinkhole are showing declining numbers on a daily basis. However, we had originally believed that we would have seen a greater decline in infections (continue reading...) Read more
April 16, 2012 - Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that (continue reading...) Read more
April 16, 2012 - Flaming Retort is back, this time trying to Coole and Explayne the flames we've had from some Mac users in the past few days. In a back-to-front way of making Mac fans feel better, I'll start by making everyone feel slightly (continue reading...) Read more
April 16, 2012 - Security events, such as vulnerabilities and threats, that are detected globally continue to grow and evolve in scale, impact, diversity, and complexity. Compounded with this is the other side of the coin, the unreported or undetected events awaiting in the (continue reading...) Read more
April 15, 2012 - Over the past week or so, there has been an ongoing discussion on the Internet about some Android applications that looked suspicious. Most of the apps were supposedly designed to mimic popular games in Japan or play a video in (continue reading...) Read more
April 13, 2012 - Oracle has pre-released its quarterly Critical Patch Update (CPU) coming on April 17. There will be 88 security patches covering over 30 product lines, including its Oracle database servers and (continue reading...) Read more
April 12, 2012 - Last weekend was a typical one, nothing out of the ordinary: errands, science fairs, softball practice with the kids. However, Read more
April 11, 2012 - OSX.Flashback initially arrived on the scene in late 2011. It has come a long way from its humble beginnings as a social-engineering scam trying to pass off as a fake Flash update using digital certificates purporting to come from Apple. (continue reading...) Read more
April 10, 2012 - Twitter recently filed a lawsuit in the San Francisco Federal Court against five of the most aggressive spammers and spam tool providers. The defendants listed in the suit are TweetAttacks,TweetAdder, TweetBuddy, James Lucerno of justinlover.info, and Garland E. Harris (continue reading...) Read more
April 10, 2012 - http://youtu.be/yToUSbmEZiY (continue reading...) Read more
April 10, 2012 - Hello, welcome to this month’s blog on the Microsoft patch release. This is an average month—the vendor is releasing six bulletins covering a total of 11 vulnerabilities. Seven of this month's issues are rated ‘Critical’ and they affect Internet Explorer, .NET, (continue reading...) Read more
April 10, 2012 - This month Microsoft issued six bulletins, four critical, two important, addressing 11 distinct vulnerabilities. Organizations should focus most of their attention on MS12-027. What makes this bulletin stand out (continue reading...) Read more
April 6, 2012 - In our weekly review call for the Cisco Cyber Risk Report for March 26-April 1, 2012 we discussed the incident of the JetBlue mid-air emergency incident. The incident has been widely reported, but a short summary is that the (continue reading...) Read more
April 6, 2012 - Recent media reports about the OSX.Flashback malware have put the size of the botnet at over 600,000. The botnet is believed to have reached this size by using vulnerabilities such as the Oracle Java SE Remote Java (continue reading...) Read more
April 6, 2012 - During my 25-year career, I’ve been fortunate to work closely with some of the best and brightest, supporting government and Read more
April 5, 2012 - Today Microsoft released its Advanced Notification for April 2012 with six bulletins addressing 11 vulnerabilities. Four of the bulletins are rated critical, two are rated important. The bulletins affect all versions (continue reading...) Read more
April 4, 2012 - We have previously discussed how mobile users are led to Japanese one-click fraud by clicking on links in spam or through search results on the Web when performing these actions on smartphones. There is also a third vector (continue reading...) Read more
April 4, 2012 - Spammers are traversing through various social networks in order to find a new pool of users to dupe. We recently observed spam on social photo-sharing app Instagram. This campaign is similar to an earlier blog post which highlighted how (continue reading...) Read more
April 1, 2012 - Security professionals, analysts, journalists and people in the pub: there's a vocal minority in all those groups which likes to be heard to say, "Anti-virus isn't good enough for today's threats". But is it true? Paul Ducklin has his say. (continue reading...) Read more