Computer Security Tip of the Day
February 23rd
Every plugin or add-on you install in your browser can expose you to more danger. Only install the plugins you need and make sure they are always current. If you no longer need a plugin, disable or remove it from your browser via your browser's plugin p…
SANS Institute - IT Security Whitepapers
February 23rd
Windows PowerShell has quickly become ubiquitous in enterprise networks. Threat actors are increasingly utilizing attack frameworks such as PowerShell Empire because of its robust APT-like capabilities, stealth, and flexibility. This research identifies s…
February 21st
It has been established best practice to supplement Microsoft Windows with third-party endpoint security solutions that defend against viruses, malware, internet-based, and other threats. With each iteration of Windows, Microsoft has added security measu…
February 20th
New exploits aimed at Linux systems are able to succeed by achieving root access to the OS. But what if you could lock down the OS and enforce security policies from outside of it? This Spotlight Paper explores the concept of ‘immutability’ a…
February 20th
DevOps software development presents a fundamental challenge to traditional software security practices. Multi-day static and dynamic analysis run by a small pool of security experts is not a tenable model when the business demands multiple software relea…
February 19th
Laika BOSS is a file-centric recursive object scanning framework developed by Lockheed Martin that provides automation of common analysis tasks, generation of rich file object metadata and the ability to easily apply file-based signature detections to ide…
New Security Threats
February 24th
Drupal has patched several vulnerabilities – both moderately critical and critical – in two versions of its content management system platform.
February 24th
A recent FBI public service advisory warned of an increase in reports of compromised or spoofed emails involving W-2 forms.
February 23rd
The FCC’s rollback of network neutrality regulations is set to be complete in April, but it won't happen without a fight.
February 23rd
A security researcher found Coinhive code hidden on a Los Angeles Times’ webpage that was secretly using visitors’ devices to mine cryptocurrency.
February 22nd
Google Project Zero researchers are warning of two critical remote code vulnerabilities in popular versions of uTorrent's web-based BitTorrent client and its uTorrent Classic desktop client.