Researchers from 0patch, a community of experts that aims at addressing software flaws, released unofficial patches for three Windows vulnerabilities that Microsoft has yet to be fixed. The list of vulnerabilities addressed by 0patch include a denial-of-service (DoS) bug, a file read issue, and a code execution flaw. “While we’re busy ironing out the wrinkles before […]
Reflession on the necessity to adopt a shared regulatory for the security of critical infrastructure. Eugene Kaspersky point of view on the topic. Security of critical infrastructure is a critical urgency of any government, the NIST announced the Framework for Improving Critical Infrastructure Security, a document that proposed cybersecurity standards and practices to build out a security program. The cybersecurity […]
Revelations on Bullrun program demonstrated that NSA has capabilities against widely-used online protocols such as HTTPS and encryption standards. The latest nightmare for US Administration is named Bullrun, another US program for massive surveillance. Snowden‘s revelations represented a heartquake for IT security, the image of NSA and US IT companies are seriously compromised such the trust of worldwide […]
Governments, and in particular US one, are principal buyers of zero-day vulnerabilities according a report published by Reuters. Zero-days exploits are considered a primary ingredient for success of a cyber attack, the knowledge of zero-day flaw gives to the attacker guarantee of success, state-sponsored hackers and cyber criminals consider zero-day exploits a precious resources around […]
Read about APT attacks has become customary, even easier to hear of attacks against political dissidents or minorities as Tibetan and Uyghur activists, but never before has been exploited the Android platform for this type of offensive. In the past Tibetan minorities have been already targeted with malware able to infect Windows and Mac OSs, […]
According security experts the numerous cyber attacks that hit principal IT companies, news agencies and government offices exploited zero-day vulnerabilities in Java software to the point that many recommend to uninstall Java plug-in from our browser unless absolutely necessary. Same clamor had obtained in the past the discovery that malware source codes were signed with […]
Java, Java and once again Java, the popular framework and its vulnerabilities are becoming a really nightmare for security experts, billion of users and their machines are exposed to a series of attacks that try to exploit flaws in the Oracle software. Security worldwide community attributes to the Java vulnerabilities the principal responsibilities for recent […]
Today the principal channel for malware diffusion is considered internet, large diffusion of exploit kits and crimeware such as BlackHole, Cool Exploit and Incognito have automated the infection process over the network. Majority of attacks exploits vulnerabilities in large use applications, such as browsers, and the leak of responsive patch management expose users to serious […]
According last report published by The European Network and Information Security Agency (ENISA)  âENISA Threat Landscape â Responding to the Evolving Threat Environmentâ that summarizes principal cyber threats, critical infrastructures represent privileged targets for emerging trends. Different agents such as terrorists, state-sponsored hackers or hacktivists could be interested in attack control systems within a critical […]
Governments all around the world are committed for the definition of a proper cyber strategy that represents an optimum balance between a good cyber offense and an efficient cyber defense. Cyber conflicts are characterized by the necessity of an immediate cyber response to the incoming cyber threats, in many cases the reaction must be […]