via https://thehackernews.com/2013/06/Chrome-Web-Store-malware-app-scanner.html
Malwarebytes unveils ExploitShield-based Anti-Exploit Beta
Malwarebytes has released the first public beta of Malwarebytes Anti-Exploit, a rebranded and improved version of ZeroVulnerabilityLabs’ ExploitShield.
Just as in its previous incarnation, Anti-Exploit is an extremely easy-to-use tool which protects popular applications from zero-day exploits, web-based vulnerability exploits and more.
via https://news.hitb.org/content/malwarebytes-unveils-exploitshield-based-anti-exploit-beta
Email Spoofing – Ways to minimise damage
What is e-mail spoofing?
“Email spoofing” is a term used to describe fraudulent emails in which the sender’s address and other parts of the email header are altered to appear as though the email originated from a different source. Continue reading “Email Spoofing – Ways to minimise damage”
Could terrorists remotely crash your car?
Could a 14-year-old computer hacker in Indonesia remotely take over control of your car as you drive down the Interstate, cause the car to dangerously accelerate and and kill you by crashing it? That’s the scenario raised and explained by AOL Autos in a story about the threat of terrorists and cars — and one that drew a fairly quick rebuke from … (more)
via https://www.topix.net/tech/computer-security/2013/06/could-terrorists-remotely-crash-your-car?fromrss=1
Lock up admin accounts to stop hackers, says Cyber-Ark
Hackers typically target privileged admin accounts to gain access to all computer systems in an organisation, says David Higgins, senior sales manager Cyber-Ark “In many organisations, these accounts are not well managed or controlled, giving hackers unfettered, unaccountable access,” he told the Whitehall Media Identity Management 2013 conference … (more)
Original news article at https://www.topix.com/tech/computer-security on June 20, 2013 at 06:09AM
Tech Terminology De-mystified – Big Data
Big data usually includes data sets with sizes beyond the ability of commonly used software tools to capture, curate, manage, and process the data within a tolerable elapsed time. Big data sizes are a constantly moving target, as of 2012 ranging from a few dozen terabytes to many petabytes of data in a single data set. The target moves due to constant improvement in traditional DBMS technology as well as new databases like NoSQL and their ability to handle larger amounts of data. With this difficulty, new platforms of “big data” tools are being developed to handle various aspects of large quantities of data.
Continue reading “Tech Terminology De-mystified – Big Data”
Use This Powerful Microsoft Tool to Provide Better Security for Windows Programs
Zero-Day Exploits. Unpatched security holes. Security weaknesses that the hackers have discovered but haven’t revealed. These security problems are all too common and conventional anti-malware is no help. So what is the PC user to do? Here is some powerful free security software from Microsoft that can help.
Original news article at https://feeds.feedburner.com/gizmosbest on June 19, 2013 at 02:41PM
US warns of cyber attacks on medical devices
US authorities on Thursday warned makers of medical devices and hospital networks to step up efforts to guard against potential cyber attacks.
Original news article at https://www.topix.com/tech/computer-security on June 14, 2013 at 08:21AM
EMV migration: Lessons from the trenches
In a way, switching from mag stripe technology to EMV in the U.S. is a little like parachuting out of a disabled plane at 20,000 feet. It’s not what you’d choose to do under ordinary circumstances …
Original news article at https://www.atmmarketplace.com/ on June 18, 2013 at 05:07AM
Medical Devices Contain Hard-Coded Passwords, ICS-CERT Warns
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) issued an alert yesterday warning that some 300 medical devices developed by roughly 40 different vendors contain hard-coded passwords that could be used by unauthorized individuals to access these machines and potentially modify critical settings and device firmware.
US-CERT published the alert in concert with a memo from the United States Food and Drug Administration outlining a set guidelines designed to encourage medical device manufacturers to better secure defibrillators, insulin pumps, pacemakers and other devices before they reach patients.
The warning is based on a yet-unreleased report developed by Cylance researchers Billy Rios and Terry McCorkle. The hundreds of vulnerable devices uncovered by the pair of researchers include surgical and anesthesia devices, ventilators, drug infusion pumps, external defibrillators, patient monitors, and laboratory and analysis equipment.
ICS-CERT is coordinating with affected vendors to identify vulnerable devices and provide fixes for them. In the meantime, they are recommending that device manufacturers, healthcare facilities, and users of these devices take proactive measures to minimize the risk of exploitation of these and other vulnerabilities.
ISC-CERT and the FDA are not aware of any in-the-wild exploits.
The two alerts published yesterday are part of an ICS-CERT and FDA partnership aimed at better protecting patients who may receive treatments involving computerized medical devices.
“The Department of Homeland Security’s (DHS) Industrial Control Systems-Cyber Emergency Response Team (ICS-CERT) is working directly with the Food and Drug Administration (FDA) and medical devices manufacturers, health care professionals and facilities to investigate and address the reported vulnerabilities,” said DHS spokesman Sy Lee. “DHS actively collaborates with public and private sector partners every day to identify and reduce adverse impacts on the nation’s critical cyber systems.”
Original news article at https://threatpost.com on June 14, 2013 at 09:35PM