Home | Latest News | Popular News | Our Network | About | Contact
Security Research News | www.SecurityPhresh.com
Security Research News
Showing 'Security Research News' from 71 to 80
Hunting COM Objects (Part Two)
11th Jun 2019 [one month ago] from FireEye Research
BackgroundAs a follow up to PartOne in this blog series on COM object hunting, this post willtalk about taking the COM object hunting methodology deeper by lookingat interesting COM object methods exposed in properties andsub-properties...
4 Best Practices To Help You Integrate Security Into DevOps
11th Jun 2019 [one month ago] from Microsoft
Learn how Microsoft evolved its culture, teams, and practices to integrate security into an agile development process that supports a cloud-based world. The post 4 best practices to help you integrate security into DevOps appeared first...
Cyberattack Exposes Travelers’ Photos, Says US Border Agency
11th Jun 2019 [one month ago] from ESET Research
The images, collected over one and a half months, were taken as the travelers crossed an unspecified border point The post Cyberattack exposes travelers’ photos, says US border agency appeared first on WeLiveSecurity
Advancing Windows 10 As A Passwordless Platform
10th Jun 2019 [one month ago] from Microsoft
With the latest update, users can add passwordless phone number accounts to Windows, sign in for the first time with the Microsoft Authenticator app, and more. The post Advancing Windows 10 as a passwordless platform appeared first on Microsoft...
MuddyWater Resurfaces, Uses Multi-Stage Backdoor POWERSTATS V3 And New Post-Exploitation Tools
10th Jun 2019 [one month ago] from TrendMicro
We found new campaigns that appear to wear the badge of MuddyWater. Analysis of these campaigns revealed the use of new tools and payloads, which indicates that the well-known threat actor group is continuously developing their schemes....
CVE-2019-2725 Exploited And Certificate Files Used For Obfuscation To Deliver Monero Miner
10th Jun 2019 [one month ago] from TrendMicro
We found cryptocurrency-mining activity that involves the exploitation of the Oracle WebLogic server vulnerability CVE-2019-2725 with the interesting behavior of using certificate files as an obfuscation tactic. The post CVE-2019-2725 Exploited...
Critical Bug Found In Popular Mail Server Software
7th Jun 2019 [one month ago] from ESET Research
If exploited, the security hole in unpatched versions of Exim could allow attackers to run arbitrary commands on vulnerable mail servers The post Critical bug found in popular mail server software appeared first on WeLiveSecurity
Lessons Learned From The Microsoft SOC Part 2b: Career Paths And Readiness
6th Jun 2019 [one month ago] from Microsoft
In our second post about people—our most valuable resource in the SOC—we talk about our investments into readiness programs, career paths, and recruiting for success. The post Lessons learned from the Microsoft SOC Part 2b: Career paths...
NSA Joins Chorus Urging Users To Patch ‘BlueKeep’
6th Jun 2019 [one month ago] from ESET Research
The alert comes on the heels of Microsoft’s second advisory calling on people to take action before it’s too late The post NSA joins chorus urging users to patch ‘BlueKeep’ appeared first on WeLiveSecurity
Government Sector In Central Asia Targeted With New HAWKBALL Backdoor Delivered Via Microsoft Office Vulnerabilities
6th Jun 2019 [one month ago] from FireEye Research
FireEye Labs recently observed an attack against the governmentsector in Central Asia. The attack involved the new HAWKBALL backdoorbeing delivered via well-known Microsoft Office vulnerabilitiesCVE-2017-11882 and CVE-2018-0802.HAWKBALL...
« Newer 3 4 5 6 7 8 9 10 11 12 Older »