Mark Dowd on Exploit Mitigation Development
Mark Dowd discusses why certain exploit mitigations have been so successful in driving up the cost of exploit development for attackers. Continue reading Mark Dowd on Exploit Mitigation Development
Collaborate Disseminate
Mark Dowd discusses why certain exploit mitigations have been so successful in driving up the cost of exploit development for attackers. Continue reading Mark Dowd on Exploit Mitigation Development
A researcher at this year’s Security Analyst Summit staged a series of honeypots at his friends’ houses to record IoT traffic, exploit attempts and other statistics. Continue reading Stories From Two Years in an IoT Honeypot
A researcher poked holes in seven different IoT devices at last week’s Security Analyst Summit, including a host of travel routers, NAS devices, and an IP-enabled camera. Continue reading Travel Routers, NAS Devices Among Easily Hacked IoT Devices
A researcher poked holes in seven different IoT devices at last week’s Security Analyst Summit, including a host of travel routers, NAS devices, and an IP-enabled camera. Continue reading Travel Routers, NAS Devices Among Easily Hacked IoT Devices
David Jacoby and Frans Rosén said at this year’s Security Analyst Summit they offered companies free pen-testing and raised $15,000 for charity in the process. Continue reading Creating a More Altruistic Bug Bounty Program
Researchers at the Security Analyst Summit on Monday divulged details behind the alleged creator of a Romanian phishing kit. Continue reading Details Around Romanian Phishing Kit Creator, Campaign Revealed
Mike Mimoso and Chris Brook recap the first day of this year’s Security Analyst Summit, including Mark Dowd’s memory corruption bug keynote, the digital archeology around Moonlight Maze, ATM hacking, and the Lazarus APT. Continue reading Security Analyst Summit 2017 Day One Recap
Attackers behind February’s fileless malware attacks dropped malware on some bank ATMs that gave them the ability to dispense money, “at any time, at the touch of a button.” Continue reading Fileless Banking Malware Attackers Break In, Cash Out, Disappear
Researchers may have found a link between Moonlight Maze of the late ’90s and the Turla APT, which would elevate Turla to the ranks of the Equation Group as an elite nation-state attacker. Continue reading Russian-Speaking Turla Joins APT Elite
This year’s Security Analyst Summit is previewed and the news of the week is discussed, including a Microsoft IIS zero day, a new Mirai variant, and the broadband privacy ruling. Continue reading Threatpost News Wrap, March 31, 2017