Breaking News



The speed and scope of software development today is creating new challenges in ensuring the security of software. But they also create the opportunity to finally get application security right. Both the challenge and the opportunity stem, in part, from the fact that security is “shifting left.” The responsibility for ensuring the stability and security of software through production and custo...


Source: Veracode.com

Feb 23, 2018
CA Technologies has released a new report, based on research conducted by industry analyst firm Freeform Dynamics, that sheds light on some of the obstacles for organizations seeking the advantages of a development approach that prioritizes application security, without sacrificing time-to-market and innovation. The report also offers evidence that integrating security throughout the developme...


Source: Kaspersky (securelist.com)

Feb 22, 2018
Every year, vast numbers of people around the globe relish the delightful prospect of filling out tax returns, applying for tax refunds, etc. Given that tax authorities and their taxpayers are moving online, it’s no surprise to find cybercriminals hard on their heels. By spoofing trusted government agency websites and luring users onto them, phishers try to collect enough information to steal b...

Enlarge / Intel Core i9 X-series Skylake X. (credit: Intel) Intel reports that it has developed a stable microcode update to address the Spectre flaw for its Skylake, Kaby Lake, and Coffee Lake processors in all their various variants. The microcode updates help address Spectre variant 2 attacks. Spectre variant 2 attacks work by persuading a processor's branch predictor to make a specific b...


Source: Kaspersky (securelist.com)

Feb 21, 2018
Microsoft Office was a prime target for attacks in 2017. As well as the large number of vulnerabilities discovered and proof-of-concept exploits published, malware authors felt it necessary to prevent detection of ‘one-day’ and ‘old-day’ exploits by antivirus software. It also became clear that using RTF parsing features and peculiarities are no longer enough to effectively evade detection. Alo...


Source: Kaspersky (securelist.com)

Feb 20, 2018
Sofacy, also known as APT28, Fancy Bear, and Tsar Team, is a highly active and prolific APT. From their high volume 0day deployment to their innovative and broad malware set, Sofacy is one of the top groups that we monitor, report, and protect against. 2017 was not any different in this regard. Our private reports subscription customers receive a steady stream of YARA, IOC, and reports on Sofac...


Source: Ars Technica Security RSS

Feb 17, 2018
Enlarge / This may become the new default imagery for Spectre and Meltdown around Intel. (credit: Brian Turner / Flickr) In its annual SEC filing, Intel has revealed that it's facing 32 lawsuits over the Spectre and Meltdown attacks on its processors. While the Spectre problem is a near-universal issue faced by modern processors, the Meltdown attack is specific to processors from Intel and A...


Source: Kaspersky (securelist.com)

Feb 15, 2018
Figures of the year The share of spam in mail traffic came to 56.63%, down 1.68% against 2016. The biggest source of spam remains the US (13.21%). 40% of spam emails were less than 2 KB in size. The most common malware family found in mail traffic was Trojan-Downloader.JS.Sload The Anti-Phishing system was triggered 246,231,645 times. 9% of unique users encountered phishing Global events in s...