blog articles under the 'Research' category

This month’s Microsoft Patch Tuesday release set a new record. Microsoft released a total of 17 bulletins covering 64 CVEs, the largest number of patches in one month to date. While some users may have configured Windows to automatically apply updates in the background, many organizations must stage and test all patch deployments, which may seem daunting this month.

In the wake of Comodo’s announcement of a compromised [1] affiliate Registration Authority (RA) and their subsequent issuance of fraudulent certificates [2], the information security community has given more scrutiny to the process of signing, revoking, and verifying SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates.

The safety and security of nuclear facilities, power plants and oil/gas production seems a little shakier in recent days. No, this isn't about instability in the Middle East or a nuclear incident in Japan. Two recent announcements have shaken up the industrial controls security community.

On March 17, 2011, RSA announced that a cyberattack that they attributed to an ‘Advanced Persistent Threat’ resulted in the compromise and disclosure of information “specifically related to RSA’s SecurID two-factor authentication products”.

On Friday, September 10, I hinted that a cyber-jihad group might be behind the “Here you have” mass-mailer worm. Here is some additional information.

There are two things one can count on every year at ToorCon: the amazing San Diego

Monkif/DlKroha botnet.

Recently, programmer Ruben Unteregger released the source code for a Trojan

On August 20, 2008, a tragic accident occurred involving a Spanair MD-82 aircraft. The aircraft failed to gain altitude, rolled to the right, and crashed into the ground, killing 154 people. The investigation after the accident discovered that the pilots failed to extend the flaps and slats prior to takeoff, creating an improper takeoff configuration.

Publicly, SecureWorks has long recommended using a separate computer dedicated exclusively to online banking, online retail purchases, account management, and other financial transactions. This would be a computer other than the one used for activities like surfing the web, “window shopping”, email, and social networking.