Researchers at RSA have conducted an in-depth analysis of a Chinese virtual private network (VPN) service that has been used by advanced persistent threat (APT) groups to anonymize and obscure their activities.
A new version of the Rig Exploit Kit is fueling a malware campaign that has already claimed close to one million victims.
As part of my day job, I have the distinct pleasure of studying enterprise security programs – or at least slices of them – in their native habitat. I spend time with CISOs and other security leaders at many different levels to understand, learn from and aggregate the successes, failures and lessons from these security program elements. Before I even embarked on this role, I was known to lament the difficulty of putting together a solid security program.
A large malvertising attack recently hit the Yahoo! advertising network, which leveraged Microsoft Azure websites and eventually redirected browsers to pages hosting the Angler Exploit Kit to compromise systems.
The malicious campaign started on July 28, and has since been shut down, according to Malwarebytes, the security firm that discovered the attack.
Building a business can be expensive and time-consuming, and owners will look for ways to save money wherever they can. Researchers from RSA Security have found a VPN provider in China that is taking this to an unusual extreme: hacking Windows servers around the world for use as VPN nodes on a network that is […]
An unpatched local privilege escalation vulnerability in Apple’s OS X operating system has been exploited by malicious actors to install adware and other suspicious applications on vulnerable computers.