New fileless malware uses DNS to pull down instructions

A new, very stealthy malware variant uses the internet’s address directory to covertly pull down commands from its authors, which are then executed directly by victimized computers — leaving no trace on the hard drive for digital detectives to analyze. DNSMessenger, as the malware’s been dubbed by threat researchers at Talos Group, was initially discovered by a researcher with the Twitter handle @simpo13. He tweeted at Talos about his discovery after finding that the source code of a portion of the malware contained a character string that decoded as: “SourceFireSux.” SourceFire was the original name of one of the components of the Talos Group, which is now part of Cisco. DNSMessenger is a remote access tool, or RAT — malware that enables an attacker to take control of an infected machine. Talos researchers highlighted the malware’s exceptional stealth, attributing it to “an attacker who has taken significant measures to avoid detection.” The […]

The post New fileless malware uses DNS to pull down instructions appeared first on Cyberscoop.

Cyber EO out in a week or so, says exec briefed by White House

The White House is putting the finishing touches on a new draft of the cybersecurity executive order originally scheduled for signature in January, and it could be done in a week or so, former IBM CEO Sam Palmisano said Monday. “My sense is that they’re moving along and maybe within a week or so we could […]

The post Cyber EO out in a week or so, says exec briefed by White House appeared first on Cyberscoop.

HackerOne goes all pro-bono on open source

One of the original crowdsourced bug bounty programs is offering its services free to open source projects — as a way to contribute to the maintenance of the internet infrastructure we all rely on. “Open source runs through our veins,” reads a blog post by HackerOne. “We want to give something back.” Outside of web-geek […]

The post HackerOne goes all pro-bono on open source appeared first on Cyberscoop.

Google boosts top bug bounties payments 50 percent

Google is increasing the bounties it pays independent researchers for finding the most serious kinds of security flaws and vulnerabilities in its software, a company executive said in a blog post from an Indian security conference. “Because high severity vulnerabilities have become harder to identify over the years, researchers have needed more time to find […]

The post Google boosts top bug bounties payments 50 percent appeared first on Cyberscoop.

Report: U.S. military can’t guarantee retaliation against major cyber attack

For at least the next decade, cyber superpowers Russia and China will have the capability to launch devastating online attacks against U.S. vital industries like banking and telecommunication, that will “far exceed” any ability of the U.S. military to defend against, Pentagon science advisors say in a new report. Worse, concludes the “Final Report of the […]

The post Report: U.S. military can’t guarantee retaliation against major cyber attack appeared first on Cyberscoop.

How Netgear and Trustwave built a virtuous cycle of vulnerability disclosure

Good news is rare in cybersecurity, but here’s some: Coordinated, responsible disclosure of software security gaps is increasingly the norm — and manufacturers are more and more willing to work with white-hat hackers who find bugs or flaws in their products. It’s a virtuous cycle — researchers and manufacturers working together to make products more secure — that government wonks […]

The post How Netgear and Trustwave built a virtuous cycle of vulnerability disclosure appeared first on Cyberscoop.

Researchers hack robots made for homes, factories

When sci-fi writer Isaac Asimov envisaged a world in which ubiquitous robots had alleviated the need for any human labor, he predicted an immutable set of three laws that would govern their behavior. The first law stated: “A robot will never harm a human being, or by inaction, allow a human being to come to […]

The post Researchers hack robots made for homes, factories appeared first on Cyberscoop.

Bill aims at new role in federal cybersecurity for NIST and its framework

Under a bill approved Wednesday by a House committee, the National Institute of Standards and Technology would show federal agencies how to implement the Cybersecurity Framework that it developed for companies that own and operate critical industries. For agencies that adopt the framework, it would supplant traditional compliance with federal information security rules. The House Science […]

The post Bill aims at new role in federal cybersecurity for NIST and its framework appeared first on Cyberscoop.
