A technical paper by Tavis Ormandy describes the process a sophisticated attacker would take when targeting Sophos users. By design, antivirus products introduce a vast attack surface to a hostile environment. The vendors of these products have a responsibility to uphold the highest secure development standards possible to minimise the potential for harm caused...
Read more »
Watch September’s DDoS attacks as detected and recorded by Team Cymru, highlighting the top 7 most attacked countries and revealing a few surprises along the way. This is a video series where in the second movie, Team Cymru focuses on African issues: such as, what malicious activity is occurring and where, for a one...
Read more »
Google will make OAuth 2.0 authorization available to Android apps as to allow apps leverage the built-in security features of the OAuth 2.0 protocol. OAuth 2.0 protocol can help in mitigating attacks and security incidents. Google Play services has just started rolling out, and even after the rollout is complete, will only be available...
Read more »
Following the discovery of the Java SE 7 0day exploit, a French security researcher by the name of Eric Romang took to task an intensive research related to infected servers used by the alleged Nitro gang. During his research, Eric discovered four files on an infected server which he claims could potentially be related...
Read more »
A deep dive into Flame’s code injection techniques by CERT Polska reveals more facts about one of most sophisticated malware discovered in 2012. Flame (aka Flamer aka Skywiper) exceptional features based on natural interaction with the Operating System, file system, network, and interaction timings allowed it to operate undetected for months and years. This...
Read more »
