Recently, “MUTTS” at Offensive Security Training did an excellent video demonstrating the Metasploit exploit module for the “new” Insecure Library Loading vulnerability (2269637). Part of the title was “We can’t fix this one”. While I assume he meant we can’t fix the vulnerability, I wanted to show that we can prevent the attack itself. ( Read More… )
Watch how whitelisting stops Microsoft DLL hijacking attack
Most recent comment: Top Endpoint Security Stories for November 2010 — If malware is a top security concern, then why does it take so long to fix known vulnerabilities?
[...] their base operating system is not susceptible to the DLL attack. In fact, last August we demonstrated how our ...
McAfee raises the white flag for reactive security… Is whitelisting the answer?
The white flag is a universal symbol of truce, a ceasefire if you will. In war, or in this case the war against cybercrime, McAfee this week issued a sort of truce with its call to arms for the security industry to take the offensive against malware attacks. This action speaks volumes about the current state of the security industry. And we couldn’t agree more. If one of the world’s leading antivirus security software makers is saying that the cat-and-mouse game of trying to keep up with the record amount of malware seen in the first half of 2010 is not working, then we all need to sit up and listen. ( Read More… )
Most recent comment: Toney Jennings
Thank you so much, Greg. We are very excited about our progress, the market overall, and BOUNCER 6. I ...
Hackers winning cat-and-mouse game with antivirus programmers
Ever since malware writers swapped worldwide infamy for hefty profits, they’ve become a larger problem to deal with. And as the game of cat-and-mouse with antivirus software programmers continues, hackers remain one step ahead of their chief nemesis.
In the article, “‘Viruses Are Winning’: Malware Threat Outpaces Antivirus Software,” not only has malware gotten stealthier, it’s multiplied in variety and volume at an unmanageable rate. According to Sean-Paul Correll, a threat researcher at Panda Security, in 2006 the growth in malware samples were doubling year-after-year. By 2009, that number jumped to 25 million new strains, more than the previous 20 years combined. ( Read More… )
Most recent comment: Roger
Hackers do have the edge. They are using sophisticated techniques to exploit vulnerabilities. Organizations can hire experts with security certifications ...
Top endpoint security stories for July 2010 — Targeted attacks heat up in July, broaden scope of intended corporate victims
If targeted cyber attacks weren’t already one of the year’s top security concerns, a new study revealed that they’re no longer limiting their focus on the corporate giants of the world. They’re becoming the norm for midsized businesses, as well. This was just one of several recent reports and newly surfaced malware like the Stuxnet worm that have security professionals on high alert. With more stealthier attacks aimed at beating forensic efforts, cyber crime continues to have a growing impact on organizations and their bottom line. Here are some of the top security stories from July 2010. ( Read More… )
Please use the comment form and leave your thoughts!