I'm a believer in responsible disclosure. But...
Amidst a lack of fanfare this past weekend on a mailing list, a memory exhaustion hack popped up for the Apache webserver that may result in a Denial-of-Service (DoS) style attack. Since the Apache application serves up north of 65% of the websites on the internet, a plausible attack becomes quite an issue, especially if
…but it doesn't necessarily want you to be free. Since Cameron Camp and I have written here and here about the implications of the UK government's meditations on curbing civil unrest by curbing social media services, it's interesting to see that the estimable Kim Davis, who previously categorized UK Prime Minister David Cameron's pronouncements as bluster, has also
You may be aware that Cameron Camp and I regularly write articles for SC Magazine's Cybercrime Corner: here's a catch-up list of the most recent, in the hope that you might find them of use and interest. At any rate, it'll give some idea of the range of content covered. Ten years later, still the same
Aryeh Goretsky's paper won't turn you into a business continuity specialist, but is an excellent primer on why, how and when to back up your data.
Following the plight of the oft-storied WikiLeaks organization, we see a new variant to hit the streets soon, GlobaLeaks. Apparently WikiLeaks has garnered a bit of a following with the community, along with the attraction of a fair share of consternation from governments around the world. This new effort attempts to extend that further. Law
Okay, so they grew from nothing to ubiquity in a few years, hey, my mom has an account. With the growth, users have started clamoring for increased privacy control, and it looks like the message is starting to be heard. Facebook is now trotting out a series of new user privacy controls, so now you
Can’t find a way to support a hacktivist with your l337 sK1LLz? Turns out they take tips, bitcoin tips. We mused awhile back about the emergence of bitcoin as a favorite underground currency. Now, on the heels of the latest announcement by “Anonymous” that they’re releasing personal data belonging to a defense contractor VP with
During the first half of 2011 we have witnessed a significant growth in malware targeting 64-bit platforms, the most interesting examples of which are bootkits.
Is that possible? Well, a researcher with Identity Finder, Aaron Titus, believes so, since he says he managed to use internet searches to unearth a trove of unsecured private health records on a website, around 300,000 of them. He notified the company, Southern California Medical-Legal Consultants, which represents doctors and hospitals seeking payment from patients
... people have been asking me about Google's interesting paper on Trends in Circumventing Web-Malware Detection...
...this is a phish mailed out indiscriminately in the hope of catching a Xoom customer...
Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.
As part of our botnet monitoring initiative, we recently stumbled across an interesting piece of news. The Win32/Kelihos botnet, a likely successor to Win32/Waledac and Win32/Nuwar (the infamous Storm worm), is now sending spam to recruit money mules. We captured two different spam templates used by the bot to generate spam messages. As shown in
Aryeh Goretsky interviewed, as his paper on Possibly Unwanted Applications is published.
...both articles are concerned with breaches of copyright and IP abuse...
'Tis the season to get ready for the autumn round of security conferences.
We see this morning a post about British Prime Minister Cameron’s assertion yesterday during a Parliament presentation that, “Free flow of information can be used for good. But it can also be used for ill. And when people are using social media for violence, we need to stop them.” Sort of hearkens back to the
If you downloaded the Facebook app for your mobile device, and just zipped through the install options (like users commonly do), did you know all your contacts could now be on your Facebook Contact list (formerly Phonebook) and can be datamined by Facebook? This is also disturbing if Facebook itself gets hacked and your phone
I have an Android in my pocket as I type, with all kinds of cool apps ranging from GPS navigation to acoustic guitar tuner (really cool) – and apparently I’m not alone. Users are scooping up the latest batch of Android smartphones in record numbers, and what better target can malware authors ask for? Well,