The head of security firm Kaspersky's Global Research and Analysis Team, Costin Raiu, says in 2019 more than 70 security companies were given samples of malware that was created by the CIA.
Whenever one picks up a book with an eye to writing about it, one necessarily needs to know the subject matter therein. The recent book This Is How They Tell Me The World Ends — an ungrammatical title if anything — claims to be a book about the zero-day "industry" as per the author, Nicole Perlroth, a staff reporter for the New York Times, who covers cyber security. (I dislike that word "cyber" and will use infosec right through this piece.)
A version of the CANVAS exploit platform, that can be used to test the vulnerability of computer systems or to break into remote systems using exploits that come along with it, has been leaked on the VirusTotal database and can now be accessed by all paid subscribers of the service.
A French researcher claims to have found a working exploit for the Spectre vulnerability on Linux systems on the VirusTotal database, the first such exploit to come to light since the flaw was made public by Intel back in 2018.
UPDATED 11 February: Ex-NSA hacker and former owner of security company Immunity, Dave Aitel, has launched a fresh salvo of tweets against a book published by New York Times cyber security reporter Nicole Perlroth, after securing and reading a copy of the tome which was published on Tuesday US time.
Former NSA hacker and ex-owner of security company Immunity, Dave Aitel, has once again criticised New York Times' cyber security reporter Nicole Perlroth, claiming that nearly every detail in a piece the journalist wrote to promote an upcoming book of hers is wrong.
Veteran vulnerability researcher Dave Aitel has offered his views on a major flaw in the BIG-IP range of devices, saying that the fact many people had assumed it had never been found and exploited could well be incorrect.
A row has broken out between researchers from Google after ex-NSA hacker Patrick Wardle revealed the details of two zero-day vulnerabilities in the Mac version of Zoom that could be exploited to give the attacker root access. Neither vulnerability is remotely exploitable and can only be taken advantage of by a local attacker – someone who has physical access to the machine in question.
US security firm Immunity has started selling an exploit to take advantage of a flaw in Microsoft's proprietary remote desktop protocol. The vulnerability was revealed in May.
The row between information security professionals and The New York Times, over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue, has moved in a different direction, with some of the infosec people themselves coming under attack – from their peers.
A number of information security professionals in the US have sharply criticised The New York Times over an article it ran recently, claiming that a ransomware attack on local government offices in Baltimore, Maryland, was carried out through the use of a leaked NSA exploit known as EternalBlue.
There are many things that one can say about America's premier spy agency, the NSA, but one can never accuse it of not instilling an incredible degree of loyalty among most of its employees, to the extent that those who left its portals decades ago still carry water for it when someone attacks the agency.
Organisers of the security conference Infiltrate are reportedly not allowing journalists to attend this year, though it is understood that there has been no such ban in the past.
The author of a book who wrote that the security firm Mandiant had hacked into the computers of a Chinese military unit while it was investigating the activities of the group, known as APT1, appears to be standing by his claims.
Last year, the three big mainstream US newspapers ran articles that more or less spelt the death knell for Kaspersky Lab's deals with the American public sector. The new year has hardly begun, but The Wall Street Journal has been quick off the mark to recycle old claims against the Russian security firm, apparently relying on the old adage that if mud is thrown, then some will stick.
The head of American security firm Immunity, Dave Aitel, appears to be backtracking on his claims, made in August, that British security researcher Marcus Hutchins had "something to do" with the WannaCry ransomware which hit Windows computers globally in May.
The head of American security firm Immunity, Dave Aitel, appears to have egg on his face after the US Government officially attributed the WannaCry ransomware to North Korea on Tuesday.
Even as many security researchers rallied around Briton Marcus Hutchins, who was arrested in the US last week on allegations of creating the banking trojan, Kronos, the head of security firm Immunity, Dave Aitel, has cast the cat among the pigeons by claiming that Hutchins was also behind the WannaCry ransomware.
Security firms are continuing to use last month's WannaCry ransomware attack to shamelessly plug their wares, with McAfee the latest to do so, warning the Australian Government that cyber crime is becoming more and more sophisticated.
The group that released a data dump containing exploit tools created by the US National Security Agency is apparently having difficulty finding buyers for the same.
Has Jennifer put the Dud in Dudley-Nicholson?
The problem lies with so-called pundits who are trying to push a particular line and do not bother to verify[…]
If disinformation about the 2016 USA election was bad then the disinformation about the 2020 election was a disaster.The problem[…]
Why do you promote Wondershare Mockitt as a free alternative, given that its official page linked by you, clearly states[…]
Look, history has shown that if something can be done, then it will be done. The use of AI to[…]