An interesting notion moving through the halls of Congress threatens to change the notions of liability, and introduce more than a few slippery slopes in the world of information security. The Stop Online Piracy Act (SOPA) in the House and the Protect IP Act (PIPA) in the Senate are the latest government response to the well-known [...]
ZeuS goes P2P
Watching the evolution of malware is a lot like watching Darwinian evolution in fast motion. ZeuS, the pinnacle of malware distros, has taken a necessary evolutionary step to increase its ability to procreate (to continue the Darwinian reference). While the initial vectors haven’t changed, there is a new method to continue and upgrade the bot. [...]
It’s what you choose to make it
Security theater is a phrase that gets tossed around a lot these days. Whether the topic is the TSA, PCI or receipt checks at the local wholesale club, there’s a general feeling that security has become about check boxes and feeling secure rather than genuinely securing something. The lethargy isn’t limited to just the security [...]
Apache advisory released
It appears that a flaw in the Apache code, first discovered in 2007, has resurfaced with proof-of-concept code. The vulnerability exploits the way Apache handles multiple overlapping ranges. There is currently an attack tool floating around in the wild that allows a malicious user to significantly affect the server’s CPU and memory usage. [...]
Patch ‘em if you got ‘em…
There are few things that make a hacker happier than an unpatched system. If that unpatched system is a server, the delight rises to obscene levels. A production server running with outdated software represents one of the greatest risks to an organization, and yet this is one of the most prevalent issues facing companies today. [...]



