Npm Update Crashes Linux Systems

An update for the popular npm package manager used by many developers for JavaScript-based projects crashed Linux systems after changing the permissions for critical directories. Linux users who installed npm 5.7.0 released Feb. 21 quickly took to Twitter and GitHub to report that the update broke their filesystems by changing the permissions on critical system..

Voting Machines in ‘Murica

We are less than nine months away from the 2018 national midterm elections and states and local municipalities are still scrambling to understand the threat to their infrastructure and to have in place the most secure voting methodologies. What is known is that the U.S. intelligence apparatus has warned Congress that Russian meddling in our..

Colorado Department of Transportation Shut Down 2K Computers after Ransomware Attack

Colorado’s Department of Transportation (DOT) shut down more than 2,000 computers after its network suffered a ransomware attack. First thing in the morning on 21 February, the DOT discovered that ransomware had struck all employee computers running Windows and protected by McAfee anti-virus software. It immediately launched an investigation into what had happened. To contain … Originally published on The State of Security.

Spectre Patches Reach More CPUs as New Attack Variants Appear

Intel has released microcode patches to address the Spectre vulnerability on additional families of CPUs. Meanwhile, researchers have found a new way of implementing the Meltdown and Spectre attacks, but the variants are covered by existing patches. “We have now released production microcode updates to our OEM customers and partners for Kaby Lake- and Coffee..

Encryption 101: a malware analyst’s primer

A primer on encryption mechanisms and how they are exploited by malware authors, including an introduction to encryption and the main methods used to encrypt ransomware. Originally published on Malwarebytes Labs.

Why Cyber Defense Fails at Enterprise Scale and What You Can Do About It

Anti-malware solutions often fail to prevent cyber attacks on end-user applications at an enterprise level. Most endpoint detection platforms are reactive and time-sensitive, so enterprises do more damage control than preventing risk. Isolation and micro-virtualization of endpoints proactively minimizes the attack surface to dramatically reduce breaches and false alerts. You’ve heard the saying, “the best.. Originally published on Bromium.

Hackers Exploit Right-to-Left Override Bug in Telegram to Distribute Malware

Hackers have exploited a bug in how Telegram’s Windows messaging client displays file names that contain a right-to-left override (RLO) character, to infect users with malware. The RLO character, represented by “U+202E” in Unicode, indicates that the text following it should be displayed from right to left. This is useful for languages like Arabic, but..

What Your Favorite TV Shows Get Right (and Hilariously Wrong) About Air Gap Technology

Chances are, one of the first places you may have heard about an air gap computer was on TV. Olivia Pope on “Scandal” knows what air gap technology is. Elliot on “Mr. Robot” knows how to circumvent an air gap to gain access to highly secure information. Even Aaron Sorkin’s “The Newsroom” characters know that..