Category: blog
-
At least 99.4% of spam blocked in recent Virus Bulletin test
All solutions on test blocked at least 99.4% of spam, but some struggled with false positive issues; survey also shows few products support DMARC. The results of the most recent VBSpam spam filter test show that all 18 of the solutions tested blocked at least 99.4% of all spam – although some struggled with false…
-
Macro viruses make a return in targeted attacks
Macros disabled in modern versions of Office, but enabled within many organisations. A report by the National Cyber Security Center (NCSC, the Dutch CERT) points to a resurgence of macro viruses in targeted attacks. Macro viruses are viruses that are written in a software’s built-in macro language. They were very common in the late 1990s,…
-
VirusTotal support integrated into new version of Process Explorer
Sysadmins can check hashes of processes against file-checking service database. Microsoft and Google are known for their fierce competition, but when it comes to security, the tech giants are eager to put that aside. Hence as of this week, Google ‘s VirusTotal has been integrated into Microsoft ‘s Process Explorer . The planned integration was…
-
CSRF vulnerability in USB modems allows for infrastructure-less phishing
Credentials sent to attacker by built-in SMS functionality. Modems and routers aren’t typically known for their security, and modems that allow one to connect to mobile broadband are no exception. Now, a Swedish security researcher has discovered how this lack of security can be exploited in a spear-phishing attack that requires only very minimal infrastructure.…
-
Is your fridge sending spam?
It’s possible that smart devices are sending spam, but it wouldn’t make any difference. Last week, security-as-a-service firm Proofpoint published a press release on a recent spam campaign in which emails had been sent from Internet-connected devices such as televisions and even a fridge. At Ars Technica , Dan Goodin did a good job debunking…
-
Botconf – the ‘first botnet fighting conference’
Tools, ideas and research presented in Nantes. There are far too many security conferences each year for my agenda, budget and brain to handle, and thus I need to choose carefully which ones to attend. But when I first heard of Botconf , I knew immediately that it would be on my must-attend list. France…
-
VB2014: more of the same, plus something a little different
Hackers, network security researchers encouraged to submit abstracts for the conference. The issuing of the call for papers for a VB conference is always an important event for us, but some changes to the conference format for VB2014 mean we are even more excited this year than usual. As the threat landscape has evolved over…
-
Spamhaus CIO calls for those running open DNS resolvers to be fined
Open DNS resolvers instrumental in many DDoS attacks. At the Cyber Security Summit in London, Richard Cox, CIO of DNS blacklist provider Spamhaus , called on the UK government to issue fines to those running open DNS resolvers, PC Pro writes . Open DNS resolvers have become an important tool for those performing DDoS attacks.…
-
Privilege escalation vulnerability targets Windows XP and Server 2003
Vulnerability being used in the wild in combination with exploit of patched Adobe Reader vulnerability. Researchers at FireEye have discovered a new privilege escalation vulnerability affecting Windows XP and Windows Server 2003 that is being used in the wild. For those US-based system administrators who were hoping to spend the Thanksgiving weekend away from their…