History: In the last months and years we have seen multiple DDoS attacks based on amplification techniques (DNS, NTP, Chargen, SSDP) A new amplification attack was spotted in the last week of February (25th – 27th of February). It is, by far, the strongest amplification attack we had and it is based on the Memcached […]
So far, the 2018 has been catastrophic for Intel. Three major vulnerabilities were found in a very short span of time, and Intel team cannot catch up fast enough with the patching and the security updates. The newest one is from the 12th of Jan and disclosed by a Finnish Security Company (F-Secure). It uses […]
Malware is evolving constantly. The threat landscape is so dynamic that yesterday’s news is not news today. The malware business is a full-blown industry that can easily size up with the IT security industry. Recent major security breaches: NiceHash, the largest Bitcoin mining marketplace, has been hacked, which resulted in the theft of more than […]
New extremely large Botnet is being built – Nicknamed IoTroop or IoT Reaper Remember Mira? The worm that prayed on unsecure IoT devices. It managed to spread and gain control using quite a simple method to gain entry – reusing the hard-coded or default password for IoT devices which were well-known by then, and the […]
We live in interesting times There is a Chinese proverb/curse saying: May you live in interesting times? Why is this intended as a curse? Maybe living in interesting times means living in challenging times. The security environment is so dynamic these days, it is certainly interesting to see how things change all the time, vulnerabilities […]
Wi-Fi is everywhere, everything is on Wi-Fi now, phones, tablets, laptops, even home PCs, game consoles, smart devices (IoT), sensors etc. The security of WiFI is imperative, and has been entrusted to the WPA2 protocol. For that protocol, thus far all exploits have been connected to guessing the security key (hence reliant on customers having […]
As you probably know the Equifax (one of the three big credit bureaus in North America and UK) announced it was breached (discovered unauthorized access) on the 29th of July. So far, the predictions are that this leak of sensitive personal data impacts over 143 Million American, Canadian and British citizens. What is a credit […]
A new malware Nyetya (combination of words from Nye Petya, meaning NOT Petya), also known as Petrwrap and GoldenEye has been spreading globally over the last 24 hours. This virus is distinct from WannaCry and other initially suspected variants, it has some unique new features which makes it harder to detect and defend against, clearly […]
Cisco currently has multiple endpoint security solutions in place – CWS (Cloud Web Security / Scansafe), Umbrella (OpenDNS) and AMP for endpoints are prime examples. AMP is a different breed of endpoint protection, it relies heavily on detection based on heuristics and cloud sandboxing, where as CWS and OpenDNS both concentrate very strongly on making […]
As you might be aware this Friday (12th of May 2017) there was a massive outbreak of a new type of crypto virus dubbed WannaCrypto aka WannaCry. The UK was hit the hardest, especially in the Health Sector, with Spanish Telecom – Telefonica, along with Portuguese & Argentinian telecoms and Russia. How does that affect […]
Engineering excellence, where you need it, when you need it