Inside The UK’s Active Cyber Defense Program
UK’s National Cyber Security Centre highlights the success of its Active Cyber Defence (ACD) program
read more
Continue reading Inside The UK’s Active Cyber Defense Program
Author Archives: Kevin Townsend
Under the Microscope: ISACA Survey on Cybersecurity Workforce, Resources and Budgets
A major survey that like all surveys needs to be examined carefully rather than accepted blindly.
read more
Qualcomm Modem Chip Flaw Exploitable From Android: Researchers
Billions of Android devices are exposed to a vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip
A vulnerability in Qualcomm’s Mobile Station Modem (MSM) chip– installed in around 30% of the world’s mobile devices – can be exploited from within… Continue reading Qualcomm Modem Chip Flaw Exploitable From Android: Researchers
New Variant of Buer Malware Loader Written in Rust to Evade Detection
A new variant of the Buer malware loader has been detected, written in Rust. The original version is written in C. Rust is efficient, easy-to-use, and an increasingly popular programming language – Microsoft uses it, and joined the Rust Foundation in F… Continue reading New Variant of Buer Malware Loader Written in Rust to Evade Detection
Unknown Chinese APT Targets Russian Defense Sector
Researchers at Cybereason say they have discovered an undocumented malware targeting the Russian military sector and bearing the hallmarks of originating in China if not being Chinese state sponsored.
read more
Continue reading Unknown Chinese APT Targets Russian Defense Sector
Stealthy RotaJakiro Backdoor Targeting Linux Systems
Previously undocumented and stealthy Linux malware named RotaJakiro has been discovered targeting Linux X64 systems. It has been undetected for at least three years, and operates as a backdoor.
Four samples have now been discovered, all using the same … Continue reading Stealthy RotaJakiro Backdoor Targeting Linux Systems
Death of the Manual Pen-Test: Blind Spots, Limited Visibility
Manual penetration testing (pen-testing) is increasingly challenged by automated methods of vulnerability discovery and management. The reasons are not difficult to understand: the cost and coverage of manual testing is too high and too limited.
read m… Continue reading Death of the Manual Pen-Test: Blind Spots, Limited Visibility
CISO Conversations: Raytheon and BAE Systems CISOs on Leadership, Future Threats
Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords
New service can tell a company which users have a password known to hackers, without having to know the usernames
read more
Continue reading Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords
Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords
New service can tell a company which users have a password known to hackers, without having to know the usernames
read more
Continue reading Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords