Collaborate Disseminate
As if to celebrate its two-year anniversary, Shellshock, one of the most infamous bugs of 2014, ramped up its activity in September.
The post Shellshock Anniversary: Major Security Flaw Still Going Strong appeared first on Security Intelligence.
Continue reading Shellshock Anniversary: Major Security Flaw Still Going Strong
Distributed denial-of-service (DDoS) attacks have been all over the news in recent months, with hacktivist groups taking major targets completely offline. According to IBM Managed Security Services data, the vast majority of DDoS attacks come in one of two flavors: SYN flood attacks, in which bad actors send multiple SYN requests to a victim’s webserver […]
The post Dissecting a Hacktivist’s DDoS Tool: Saphyra Revealed appeared first on Security Intelligence.
Continue reading Dissecting a Hacktivist’s DDoS Tool: Saphyra Revealed
The dust, waves and jubilation have settled on the sports festivities of this past summer. Since we’re in the business of cybersecurity, let’s reflect on one of the malicious activities that attempted to derail focus from this spirited event. Going into the games, many analysts expected the event to be marred by cybercriminal activity spanning […]
The post Anonymous Unleashes Gold Medal DDoS Tools appeared first on Security Intelligence.
IBM observed a spike in malware activity that uses Visual Basic for Applications (VBA) macros to deliver malicious attachments.
The post VBA Macro Malware Jumping on the Ransomware Bandwagon appeared first on Security Intelligence.
Continue reading VBA Macro Malware Jumping on the Ransomware Bandwagon
The energy and utilities industry is built on a highly regulated framework — but that doesn’t mean it’s immune to the threat of a cyberattack.
The post Keeping the Lights On: Security Trends in the Energy and Utilities Industry appeared first on Security Intelligence.
Continue reading Keeping the Lights On: Security Trends in the Energy and Utilities Industry
URLZone, a sophisticated banking Trojan that first emerged in 2009, keeps its inner workings under wraps with extensive anti-research features.
The post Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor appeared first on Security Intelligence.
Continue reading Fighting Fire With WinDBG: Breaking URLZone’s Anti-VM Armor
The IBM X-Force Application Security Research Team discovered a previously undocumented vulnerability in older versions of Nexus 5X’s Android images.
The post Undocumented Patched Vulnerability in Nexus 5X Allowed for Memory Dumping Via USB appeared first on Security Intelligence.
Continue reading Undocumented Patched Vulnerability in Nexus 5X Allowed for Memory Dumping Via USB
Cisco recently addressed two exploits that sound more like delicious drive-thru menu items than dangerous security risks: EXTRABACON and EPICBANANA.
The post Want Fries With Your EXTRABACON or EPICBANANA? Cisco Addresses Two New Vulnerabilities appeared first on Security Intelligence.
Penetration testing is one of the most effective ways to monitor the security of your IT environment and identify vulnerabilities.
The post Identify Vulnerabilities in Your IT Infrastructure, Policies and Procedures Before the Bad Guys Do appeared first on Security Intelligence.
Cybercriminals use code hooking to intercept OS function calls to alter or augment their behavior. The technique is becoming more popular and dangerous.
The post The Increasing Dangers of Code Hooking appeared first on Security Intelligence.