Deconstructing a Business Email Compromise Attack
3/29/2018How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
Author
Profile of David Holmes
World-Wide Security Evangelist, F5 Member Since: 1/27/2015Author
News & Commentary Posts: 8
Comments: 2
David Holmes is the world-wide security evangelist for F5 Networks. He writes and speaks about hackers, cryptography, fraud, malware and many other InfoSec topics. He has spoken at over 30 conferences on all six developed continents, including RSA Europe in Amsterdam, InfoSec in London and Gartner Data Center in Las Vegas.
David writes a bi-weekly column at SecurityWeek, and has had the good fortune to write for DarkReading, SC Magazine, Network World and many other computer security magazines and websites. He has three patents pending for F5 and still contributes code to open-source projects such as OpenSSL.
Articles by David Holmes
How a tech-savvy New Jersey couple outwitted a German hacker group and saved their home and life savings.
Post a Comment
The Mirai Botnet Is Attacking Again…
2/15/2018And the spinoff bots — and all their command and control hostnames buried in the morass of digital data — are hilarious.
Post a Comment
'Reaper': The Professional Bot Herder’s Thingbot
11/16/2017Is it malicious? So far it's hard to tell. For now it's a giant blinking red light in security researchers faces warning us that we’d better figure out how to secure the Internet of Things.
Post a Comment
5 Reasons Why the CISO is a Cryptocurrency Skeptic
10/26/2017If you think all you need is technology to defend against bad guys, you shouldn’t be a CISO. But technology is all cryptocurrency is, starting with Bitcoin.
Post a Comment
How Quantum Computing Will Change Browser Encryption
8/24/2017From a protocol point of view, we’re closer to a large-scale quantum computer than many people think. Here’s why that’s an important milestone.
Post a Comment
Profile of a Hacker: The Real Sabu
7/20/2017There are multiple stories about how the capture of the infamous Anonymous leader Sabu went down. Here’s one, and another about what he is doing today.
Post a Comment
Cloud & The Security Skills Gap
7/6/2015F5 Network security evangelist David Holmes tells how cloud outsourcing can help companies fill the talent gap in three critical areas of enterprise security.
Post a Comment
How The Skills Shortage Is Killing Defense in Depth
1/30/2015It used to be easy to sell specialized security gizmos but these days when a point product gets pitched to a CSO, the response is likely “looks nifty, but I don’t have the staff to deploy it.”
Post a Comment
White Papers
Video
1 Comments
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-15667
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
From DHS/US-CERT's National Vulnerability Database CVE-2018-15667
PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can...
CVE-2018-15668PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment_" prefix designate atta...
CVE-2018-15669PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from HTMLIFrameElements are blacklisted. However, other sub-classes of HTMLFrameOwnerElements are...
CVE-2018-15670PUBLISHED: 2018-08-21
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that OpenURL is the default URL handler. A navigation request is processed by the default URL handler only if t...
CVE-2018-15671PUBLISHED: 2018-08-21
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5P__get_cb() in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This