The news of the week is discussed, including the ShadowBrokers’ farewell, GoDaddy’s buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical.
Tag Archives: exploits
Flash Exploit Found in Seven Exploit Kits
An Adobe Flash Player vulnerability used by the Sofacy APT gang was also found in seven of the top exploit kits, according to an analysis by Recorded Future.
Attack Leverages Windows Safe Mode
Researchers say a proof-of-concept attack using Windows Safe Mode can lead to credential theft and allow hackers to move laterally within a corporate network.
New Technique Checks Mitigation Bypasses Earlier
Researchers at Endgame are expected at Black Hat to introduce Hardware Assisted Control Flow Integrity (HA-CFI), which leverages features in the micro-architecture of Intel processors for security.
Attributing Advanced Attacks Remains Challenge For Researchers
Kaspersky Lab researchers participated in a Reddit AMA, touching on topics such as attack attribution, critical infrastructure security, attacker and researcher tradecraft, and the shortage of security talent.
Adobe Flash: 10 shades of vulnerabilities
The 205 vulnerabilities discovered in Adobe’s Flash software so far in 2016, are not all are created equal — but don’t wait to patch them.
The post Adobe Flash: 10 shades of vulnerabilities appeared first on Avira Blog.
Giving Red-Teamers the Blues
Pen-tester Chris Nickerson will, in his Source Boston keynote, explain simple defensive approaches that can thwart the best red-teamers and advanced attackers alike.
Why continuous vulnerability assessments are necessary
The search for an ideal state of security should be a constant pursuit. Continuous vulnerability assessments are therefore a highly recommended practice.
The post Why continuous vulnerability assessments are necessary appeared first on We Live Security.
Canceled Talk Re-Ignites Controversy Over Legitimate Security Research
Citing vendor pressure, a researcher pulled a talk at HITB GSEC Singapore on the security of IP-enabled surveillance cameras.
Bug Bounties in Crosshairs of Proposed US Wassenaar Rules
Bug bounties and rewards programs provide researchers with a measure of income, and if the proposed Wassenaar rules are implemented in the U.S., that initiatives could be adversely impacted.