Content tagged with Advanced Threats
Latest
In Fog Of Cyberwar, US Tech Is Caught In Crossfire
Commentary  |  7/9/2014  | 
Distrust of the US intelligence community is eroding consumer confidence and hampering US technology firms on the global stage at a time when the sector should be showing unprecedented growth.
Chinese Attackers Targeting U.S. Think Tanks, Researchers Say
Quick Hits  |  7/7/2014  | 
Government-backed group "Deep Panda" compromised "several" nonprofit national security policy research organizations, CrowdStrike says
Microsoft's Seizure Of No-IP Domains Disrupted Criminals & Innocents Alike
News  |  7/3/2014  | 
Microsoft successfully disrupted roughly one-quarter of the APT actors Kaspersky monitors, but took down millions of innocent hostnames too.
CosmicDuke: Cosmu & MiniDuke Mash-Up
News  |  7/2/2014  | 
F-Secure believes that the combo malware might have connections to the perpetrators of the miniDuke attacks.
Cyberspying Campaign Comes With Sabotage Option
News  |  6/30/2014  | 
New research from Symantec spots US and Western European energy interests in the bull's eye, but the campaign could encompass more than just utilities.
As Stuxnet Anniversary Approaches, New SCADA Attack Is Discovered
News  |  6/26/2014  | 
F-Secure has unearthed a new attack against industrial control systems that goes after European targets, using rare infection vectors.
Luuuk Stole Half-Million Euros in One Week
News  |  6/25/2014  | 
A man-in-the-browser and a big team of money mules quickly, systematically robbed 190 account holders at a European bank.
Economic espionage reckless threat to global economy not just individual states, says CIGI report
Products and Releases  |  6/24/2014  | 
Centre for International Governance Innovation (CIGI)report released.
Crowdsourcing & Cyber Security: Who Do You Trust?
Commentary  |  6/24/2014  | 
A collective security defense can definitely tip the balance in favor of the good guys. But challenges remain.
P.F. Chang's Breach Went Undetected For Months
Commentary  |  6/23/2014  | 
Early reports indicate that the compromise involved a large number of restaurant locations and dates as far back as September 2013.
A Dyre New Banking Trojan
News  |  6/17/2014  | 
Newly discovered RAT sneaks by SSL and steals victims' banking credentials.
Malwarebytes Anti-Exploit launches to protect businesses and consumers from the growing exploit threat
Products and Releases  |  6/12/2014  | 
New technology uses three layers of defense to prevent exploits targeting everyday applications and defeating security software to conduct cyber-espionage and carry out large-scale data theft.
New Commercialized Trojan Takes Fresh Approach To Password-Stealing
News  |  6/10/2014  | 
Unlike most banking malware of today, new Pandemiya skips the Zeus source code and starts from scratch.
Putter Panda: Tip Of The Iceberg
Commentary  |  6/10/2014  | 
What CrowdStrike's outing of Putter Panda -- the second hacking group linked to China's spying on US defense and European satellite and aerospace industries -- means for the security industry.
Greatest Threat
Flash Poll  |  6/4/2014  | 
Global Effort Disrupts GOZeuS Botnet, CryptoLocker; One Indicted
News  |  6/2/2014  | 
An international public-private collaboration involving security companies and law enforcement agencies in 11 countries aims to disrupt the underlying infrastructure of the cybercrime industry.
FireEye: Malware Traffic to Ukraine, Russia Spiked During Peak of Conflict
News  |  5/29/2014  | 
A FireEye researcher posits that a significant spike in malware traffic to Russia and the Ukraine at the height of the conflict between the two countries could be part of a trend -- and could improve threat intelligence.
Dissecting Dendroid: An In-Depth Look Inside An Android RAT Kit
Commentary  |  5/28/2014  | 
Dendroid is full of surprises to assist it in subverting traditional security tactics through company-issued Android phones or BYOD.
Over 90 Arrested in Global FBI Crackdown on Blackshades RAT
News  |  5/19/2014  | 
A collaborative operation by international law enforcement agencies nabbed authors, staff members, and users of the popular software used for everything from blackmail to financial fraud.
Tech Insight: Free Tools For Offensive Security
Commentary  |  5/19/2014  | 
A professional penetration tester offers a look at the latest free and open-source tools available for pen testing and offensive tactics.
FireEye To Buy nPulse Technologies
News  |  5/6/2014  | 
Acquisition will add high-speed, full packet capture technology to FireEye and Mandiant portfolio for detecting and responding to attacks.
Sneaky Windows Folder Poisoning Attack Steals Access Rights
News  |  5/6/2014  | 
Windows challenge-response authentication protocol could be abused by PC hackers to easily access wider corporate networks.
Symantec Unveils New Advanced Threat Protection
Products and Releases  |  5/5/2014  | 
Integrated approach and roadmap of organic innovation produce unparalleled defenses and more value.
Security Flaw Found In OAuth 2.0 And OpenID; Third-Party Authentication At Risk
Quick Hits  |  5/4/2014  | 
Authentication methods used by Facebook, Google, and many other popular websites could be redirected by attackers, researcher says.
Privacy, Cybercrime Headline the Infosecurity Europe Conference
Slideshows  |  5/2/2014  | 
Attendees debate NSA surveillance, privacy reforms, cybercrime defenses, and sharpen their CISO skills.
Report: Financial Firms Voice Concerns About 3rd Party 'Privileged User' Creds
Products and Releases  |  4/29/2014  | 
55 percent of European financial organisations believe third party contractors pose the biggest risk; 52 percent find insider threats harder to detect than last year
New DDoS Stats: NTP Used in 56% of Large Attacks
Products and Releases  |  4/29/2014  | 
Organized Crime Group Scams US Companies Out Of Millions
Quick Hits  |  4/28/2014  | 
Social engineering attack tricks companies into large wire transfers.
NIST Removes Cryptography Algorithm from Random Number Generator Recommendations
Products and Releases  |  4/22/2014  | 
September 2013, news reports prompted public concern about the trustworthiness of Dual_EC_DRBG. As a result, NIST immediately recommended against the use of the algorithm and reissued SP 800-90A for public comment.
Belden Rolls Out Advanced Cyber Security Toolkit
Products and Releases  |  4/22/2014  | 
New Tofino Enforcer Software Development Kit Brings Next Generation Security to SCADA Networks
Cartoon: E2c$y5tion
Cartoon Contest  |  4/18/2014  | 
11 Heartbleed Facts: Vulnerability Discovery, Mitigation Continue
News  |  4/17/2014  | 
Millions of websites, applications from Cisco and VMware, Google Play apps, as well as millions of Android devices are vulnerable -- and the list keeps growing.
Heartbleed Will Go On Even After The Updates
News  |  4/10/2014  | 
What's next now that the mindset is 'assume the worst has already occurred?'
More Than A Half-Million Servers Exposed To Heartbleed Flaw
News  |  4/9/2014  | 
What the newly exposed SSL/TLS threat really means for enterprises and end-users.
One Year Later: The APT1 Report
Commentary  |  4/8/2014  | 
One of the most positive impacts of APT1 is the undeniable rise in the stature of the threat intelligence industry. "Threat Intelligence" is the SIEM, the NAC of 2014.
Advanced Attacks Are The New Norm, Study Says
Quick Hits  |  4/4/2014  | 
According to the Websense 2014 Threat Report, most malicious exploits now are advanced and targeted.
Advanced Persistent Threats: What Are They, Really?
Advanced Persistent Threats: What Are They, Really?
Dark Reading Videos  |  4/4/2014  | 
There seem to be as many definitions of APT as there are actual APTs. So what is an advanced persistent threat, really?
Windows XP
Flash Poll  |  4/2/2014  | 
Cyber Criminals Operate On A Budget, Too
Quick Hits  |  4/1/2014  | 
New report shines light on how attacks have gotten more advanced but still basically use some of the same old, same old, tools
Attacks Rise On Network 'Blind' Spot
News  |  3/27/2014  | 
Interop speaker says DDoS attacks are not the only forms of abuse on the Domain Name Server.
FireEye Releases Comprehensive Analysis of 2013 Zero-day Attacks; Impact on Security Models
Products and Releases  |  3/27/2014  | 
New Research Paper Offers Insight into Industry’s Leading Zero-day and Advanced Threat Detection Models
A Cyber History Of The Ukraine Conflict
Commentary  |  3/27/2014  | 
The CTO for the US Cyber Consequences Unit offers a brief lesson in Russian geopolitics and related cyber flare-ups, and explains why we should be concerned.
Facebook Builds Its Own Threat Modeling System
Quick Hits  |  3/26/2014  | 
The tool helps the social network gather, store, analyze, and react to the latest threats against it.


Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
DevOps’ Impact on Application Security
DevOps’ Impact on Application Security
Managing the interdependency between software and infrastructure is a thorny challenge. Often, it’s a “developers are from Mars, systems engineers are from Venus” situation.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-4988
Published: 2014-07-09
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

CVE-2014-0207
Published: 2014-07-09
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

CVE-2014-0537
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-0539
Published: 2014-07-09
Adobe Flash Player before 13.0.0.231 and 14.x before 14.0.0.145 on Windows and OS X and before 11.2.202.394 on Linux, Adobe AIR before 14.0.0.137 on Android, Adobe AIR SDK before 14.0.0.137, and Adobe AIR SDK & Compiler before 14.0.0.137 allow attackers to bypass intended access restrictions via uns...

CVE-2014-3309
Published: 2014-07-09
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.