Breaking News




Source: Kaspersky (securelist.com)

Jul 06, 2017
Being a malware researcher means you are always busy with the struggle against mountains of malware and cyberattacks around the world. Over the past decade, the number of daily new malware findings raised up to unimaginable heights: with hundreds of thousands of malware samples per day! However, while there are some rare and dangerous malware, not every sample is as malicious as these. Moreover...

In my recent blogs, I have announced the upcoming Veracode Community, which will provide our customers, and others looking for application security information, with resources and the ability to collaborate on best practices. I am excited to highlight one of the features that will help you integrate security into your environment to support continuous integration/continuous delivery – The Vera...

There is a scene in the movie Jurassic Park where we witness just how smart the velociraptors are. In order to find a way out of their enclosure, the carnivorous dinosaurs are systematically testing the electric fences for weaknesses, making note of where the fences are weakest and where they are strongest. Once a vulnerability is found in the system (in this case a disgruntled employee turnin...

Enlarge (credit: National Police of Ukraine) The third-party software updater used to seed last week's NotPetya worm that shut down computers around the world was compromised more than a month before the outbreak. This is yet another sign the attack was carefully planned and executed. Researchers from antivirus provider Eset, in a blog post published Tuesday, said the malware was spread thro...


Source: Kaspersky (securelist.com)

Jul 05, 2017
While the (cyber-)world was still shaking under the destructive ExPetr/Petya attack that hit on June 27, another ransomware attack targeting Ukraine at the same time went almost unnoticed. So far, all theories regarding the spread of ExPetr/Petya point into two directions: Distribution via trojanized updates to MeDoc users Distribution via waterhole attacks in Ukrainian news websites (one case...

Enlarge / Damn computer hackers, always trying to steal all my stuff. (credit: Getty Images / C.J. Burton) This article was originally published on Scott Helme's blog and is reprinted here with his permission. We have a little problem on the web right now and I can only see it becoming a larger concern as time goes by: more and more sites are obtaining certificates, vitally important documen...


Source: Kaspersky (securelist.com)

Jul 01, 2017
Much has been written about the recent ExPetr/NotPetya/Nyetya/Petya outbreak – you can read our findings here:Schroedinger’s Pet(ya) and ExPetr is a wiper, not ransomware. As in the case of Wannacry, attribution is very difficult and finding links with previously known malware is challenging. In the case of Wannacry, Google’s Neel Mehta was able to identify a code fragment which became the most...


Source: Veracode.com

Jul 01, 2017
Veracode will soon be launching an online community to give our customers fast and convenient access to AppSec-related content, and the opportunity to share knowledge with other developers and security practitioners. Today, when customers have questions, you can access the Veracode Platform Help Center, contact our technical support team, or contact your program manager for assistance. Bringin...