Breaking News




Source: Kaspersky (securelist.com)

Feb 20, 2018
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Our private reports subscription customers receive a steady stream of YARA, IOC, and reports on Sofac...


Source: Ars Technica Security RSS

Feb 17, 2018
Enlarge / This may become the new default imagery for Spectre and Meltdown around Intel. (credit: Brian Turner / Flickr) In its annual SEC filing, Intel has revealed that it's facing 32 lawsuits over the Spectre and Meltdown attacks on its processors. While the Spectre problem is a near-universal issue faced by modern processors, the Meltdown attack is specific to processors from Intel and A...


Source: Kaspersky (securelist.com)

Feb 15, 2018
Figures of the year The share of spam in mail traffic came to 56.63%, down 1.68% against 2016. The biggest source of spam remains the US (13.21%). 40% of spam emails were less than 2 KB in size. The most common malware family found in mail traffic was Trojan-Downloader.JS.Sload The Anti-Phishing system was triggered 246,231,645 times. 9% of unique users encountered phishing Global events in s...

The shift to DevOps and DevSecOps has already happened, it's only a question of when we all catch up. Organizations in all industries are creating software not only faster, but also more precise, collaborative, and incremental ways than ever before. In fact, we’ve seen the shift in our own customer base, where the percentage of applications scanned for security on a weekly basis jumped 50 perc...


Source: Kaspersky (securelist.com)

Feb 14, 2018
Introduction Of all the forms of attack against financial institutions around the world, the one that brings traditional crime and cybercrime together the most is the malicious ecosystem that exists around ATM malware. Criminals from different backgrounds work together with a single goal in mind: jackpotting. If there is one region in the world where these attacks have achieved highly professio...


Source: Veracode.com

Feb 14, 2018
Speed rules in software development today. The DevOps model means getting newer, better, faster into the hands of customers as quickly as possible is the name of the game. But where does that leave security? If it’s not done right -- overlooked or worked around. Done right -- it’s embedded into the software development process from day one, unobtrusively checking for and removing vulnerabiliti...


Source: Kaspersky (securelist.com)

Feb 13, 2018
In October 2017, we learned of a vulnerability in Telegram Messenger’s Windows client that was being exploited in the wild. It involves the use of a classic right-to-left override attack when a user sends files over the messenger service. Right-to-left override in a nutshell The special nonprinting right-to-left override (RLO) character is used to reverse the order of the characters that come a...


Source: Ars Technica Security RSS

Feb 13, 2018
(credit: Jerry Raia) Windows Defender Advanced Threat Protection (ATP), Microsoft's security software that combines end-point security and data collection with cloud analytics, has hitherto been unique to Windows 10. But no longer; Microsoft announced today that it's bringing the same features to Windows 7 and Windows 8.1. Coming this summer, the Endpoint Detection and Response (EDR) portion...