Want to be a Member of the Program ???

10
March

I wasn’t sure I’d see this Browser Choice update : I set my computer’s Regional Options for the United States even though it’s physically located in Finland (I’m an American after all). Regional settings might trump my IP address, I thought… but it seems not. I manually ran Microsoft Update and was provided access to KB976002

See the article here:
Select Your Web Browser(s)

Category : F-Secure | Blog
10
March

The number of serious zero-day vulnerabilities and potential exploits discovered in recent days is higher than normal.

Link:
Multiple Vendors Affected By New Vulnerabilities

Category : infySEC | Blog
2
March

Google recently announced its latest service Google Buzz , which is considered as the company’s first step in entering the social-networking scene. Naturally, hordes of Internet users became interested in the new application.

The rest is here:
The Buzz on Google Buzz Malware

Category : infySEC | Blog
23
February

Why is it that banking trojans are a problem when all online banks are HTTPS secured and many of them employ multi-factor authentication?

Read more here:
Sprechen Sie SSL?

Category : F-Secure | Blog
4
February

Any penetration tester would agree that pivot attacks, designed to compromise a secondary host to more effectively attack primary targets, are incredibly powerful. Organizations tend to have difficulty protecting all hosts at all times, which is why proper network segmentation is vital should loss of control occur on any one node. Often it’s easier to compromise a host from behind rather than head on

See the original post here:
Web 2.0 Pivot Attacks

Category : Web App Sec | Blog
3
February

There are several security issues affecting all major Web browsers that have remained unaddressed for years (probably because the bad guys haven’t leveraged them aggressively enough, but the potential is there). The problem is that the only known ways to fix these issues (adequately) is to “break the Web” — i.e. negatively impact the usability of a significant and unacceptable percentage of websites

Read more:
The Web won’t be safe, let alone secure, unless we break it

Category : Web App Sec | Blog
22
January

The recent attacks on Google and other large organizations (currently being referred to by others as Aurora, Google Attacks, Hydraq) were a set of carefully orchestrated, sophisticated and highly complex attacks. They comprised malicious threats to all three communication vectors – email, web and files, plus most notably, a zero-day vulnerability in Internet Explorer.

Originally posted here:
Trend Micro To Help Proactively Protect Against Zero-Day Attacks like the recent IE Explorer Exploit

Category : infySEC | Blog
19
January

Internet Explorer’s latest vulnerability is causing Germany and France to advise against its use .

More here:
To IE or Not to IE : That is the Question

Category : F-Secure | Blog
19
January

Recent cyber attacks on Google and other organisations have been covered greatly by the media, much owing to the size and notability of the Companies affected. However, what this incident really does is bring to view the true complexity and sophistication of computer threats, and that any user or organization -  large or small, could potentially be at risk. Although these attacks were orchestrated to target certain groups or organisations, any computer can actually fall prey to them

Go here to read the rest:
Cyber Attacks on Google and Others – Who is Really at Risk?

Category : infySEC | Blog
24
December

While scouting the Web for the latest threats, Trend Micro threat analysts stumbled upon FAKEAV variants riding on the impending eruption of the Mayon Volcano . Renowned for its “perfect cone” shape, the Mayon Volcano became one of the candidates for inclusion in the New 7 Wonders of Nature list. It is not surprising, therefore, that news of its impending eruption , during the Christmas holidays no less, will attract the attention of both curious onlookers and concerned individuals alike

Excerpt from:
PH: Mayon Volcano Eruption Spews Out SEO Attack

Category : infySEC | Blog