An industry advisory group wants U.S.-based internet service providers (ISPs) to adopt a “code of conduct” for weeding out botnet infections.
Made up of more than 50 experts, the Communications, Security, Reliability and Interoperability Council (CSRIC), which reports to the Federal Communications Commission, drafted the code, which gives ISPs a voluntary blueprint to follow for addressing compromised computers belonging to their customers. Continue reading New anti-bot code of conduct approved by FCC
Adobe on Wednesday released an update for its Flash Player, the second major security release of the year for the popular software. Version 11.2 closes off two “critical” vulnerabilities in Windows, Macintosh, Linux and Solaris that were present in the prior version released in February, according to a bulletin. Continue reading Adobe patches Flash, includes automatic update option
Today’s exponential increase in attack volume and complexity can largely be chalked up to the cybercriminal’s creed of working smarter, not harder. It isn’t so much l33t hackers toiling at code for hours that enterprises have to worry about. Instead, it is non-technical crooks who can carry out their attacks with a few clicks of a button, using automated tools that do the technical dirty work for them. In the database-cracking world, Havij stands as one of the most popular of these tools. As such, it should be on the radar of any security professional seeking to prevent costly data breaches within their environments. Continue reading Hacker’s Love Affair With Havij Spells SQL Injection Troubles For Enterprises
Shawn Henry, the executive assistant director of the FBI’s Criminal, Cyber, Response, and Services Branch, told the Wall Street Journal that the government and private sector are outgunned when it comes to defending data and networks from cyber criminals.
Henry told the Journal that he didn’t see any way to come out of the current situation ahead unless companies were willing to make major changes to their consistently vulnerable networks. Continue reading Current Approach for Dealing with Cybercriminals is “Unsustainable”
On the heels of news earlier this week that Microsoft led an operation that resulted in the takedown of several Zeus botnets, on Wednesday more news came from the security industry on the successful takedown of yet another large botnet.
On Wednesday, experts from Kaspersky Lab, along with others including experts from newly formed security firm CrowdStrike, Dell SecureWorks and members of the Honeynet Project, announced the successful takedown of the second Hlux/Kelihos botnet. (Microsoft refers to the botnet as Kelihos, while Kaspersky calls it the Hlux botnet.) Continue reading How a Security Industry Collective Shattered The Latest Hlux/Kelihos Botnet