After skipping their normal monthly patch day for the first time in years, Adobe was forced to release an emergency update to fix a zero day Flash vulnerability that attackers are exploiting in the wild. According to Kaspersky, criminals are leveraging this flaw in spear phishing emails that contain malicious, Flash-embedded Office documents. If you […]

Read More – Emergency Flash 0day Patch – Daily Security Byte





Source link



In the early 2000s, you probably remember when researchers discovered some vulnerabilities that put the nail in the coffin of Wired Equivalent Privacy (WEP), a security protocol used to protect Wi-Fi communications. Essentially, this WEP vulnerability meant that attackers could quickly crack WEP encryption, and see all your wireless traffic. At the time, this flaw […]

Read More – Krack WPA2 Attacks – Daily Security Byte





Source link



The lengthy break after Mr. Robot season two is finally over! That’s right, it’s time for a weekly dose of everyone’s favorite vigilante hacker drama. Once again, WatchGuard CTO, Corey Nachreiner, is writing his weekly “Mr. Robot Rewind” article series on GeekWire, analyzing the accuracy of the hacks and tech in each new episode. So, […]

Read More – Mr. Robot Returns for Season Three – And So Does ‘Mr. Robot Rewind’





Source link



botnets using residential IP adddresses

The US government is considering allowing companies to “hack back” against cyber attackers. The Active Cyber Defense Certainty Act (ACDC) amends the Computer Fraud and Abuse Act to allow limited retaliatory strikes against cyber attackers. The full PDF amendment is available online. As noted in some comments in an article on the UK Register there […]

Read More – The Problem with Hacking Back: It Might Be Your Network





Source link



Last Tuesday was Microsoft’s regular Patch Day. If you haven’t updated your Microsoft products by now, you’re probably a little behind. Watch the video below for a quick summary of the patches, and use the video as an excuse to catch up on those updates. I recommend patching Office first, to fix the zero day […]

Read More – October 2017 Patch Day – Daily Security Byte





Source link



Malvertising is the act of exploiting legitimate online advertising networks to inject malicious ads onto trusted web sites. Last week, researchers at Proofpoint found malicious ads turning up on one of the most popular adult sites on the Internet. They’ve traced these malicious ads to the Kovter hacking group. Watch the video below to learn […]

Read More – PornHub Malvertising – Daily Security Byte





Source link



Next up on our hacker profiles series, the cyber criminal. You’re probably most familiar with the cyber criminal hacker profile, since they’ve been around longer than the rest. This group’s motive is pretty obvious; to make money using any means necessary. Cyber criminal groups can range from a few lone actors who are just out […]

Read More – Know Thy Enemy: The Money Motivated Hacker





Source link



Despite many reported flaws, biometric authentication has become a popular security control for consumer devices over the past several years. Cybercriminals, researchers and pranksters have been able to fool previous biometric security technology using methods as simple as a lifted fingerprint and some latex, or even printed photographs. So, when Apple introduced the world to […]

Read More – How Private and Secure is Apple’s New Face ID Feature?





Source link



zeroday malware

Using a risk model based on security statistics is a valid and useful approach to defending against cyber attacks. A company can decide that if one type of attack is affecting a large percentage of companies, then chances are, they may be next. The company can take steps to defend against that attack. However, sometimes […]

Read More – The Black Swan in Security Statistics ~ Zero-Day Malware





Source link