Mobile security pressures building

May 20, 2013 Comments: 5

With the increasing usage of mobile devices for critical functions at work, and in banking and ecommerce transactions, coupled with explosive growth in mobile attacks, pressure is building on mobile security.
Continue reading

Big Brother’s tool of choice – FinFisher

May 6, 2013 1 Comment

The commercial intrusion and monitoring kit favoured by governments around the world, is FinFisher, a surveillance tool developed by UK-based Gamma International. It comprises a Command & Control structure and an agent called FinSpy.
Continue reading

Calamitous password breach

April 29, 2013 1 Comment

LivingSocial is the latest in a growing line of organisations suffering a calamitous breach in which customer login data has been exposed. It involved 50m LivingSocial usernames and passwords.
Continue reading

Voted Best New Security Blog

April 24, 2013 Comments: 3

This blog has been voted the Best New Security Blog in the 2013 European Security Blog Awards.
Continue reading

How sophisticated is the current crop of Android malware?

April 17, 2013 Leave a comment

Much has been publicised recently about the threat of Android malware, including my earlier post of an Android storm warning. The question is: How sophisticated is the current crop of Android malware? I address this question here by evaluating the Stels trojan which appeared recently. I will assess the sophistication of Stels on four elements, and give it a subjective score out of five for each (with 1 being very unsophisticated and 5 very sophisticated):
Continue reading

A RAT named Poison Ivy

April 14, 2013 Leave a comment

In February 2013, Mandiant published a report exposing APT1, one of the cyber espionage units based in China. They found that APT1 is one of the most prolific cyber espionage groups, having stolen hundreds of terabytes of sensitive proprietary data through Advanced Persistent Threats (APTs). Mandiant concluded that APT1 is likely Chinese government-sponsored and has links with the People’s Liberation Army Unit 61398.
Continue reading

DDoS attacks – how they work

April 8, 2013 Leave a comment

A Distributed Denial of Service (DDoS) attack attempts to deny legitimate users of a web service by tying up server resources. Typically, a DDoS attack uses a botnet to send a large volume of traffic to the targeted web service. Botnets are available for hire to DDoS attackers for from $5 to $200 per hour. Generally DDoS attacks continue for about a day and can cause considerable disruption to the targeted organisation.
Continue reading

Follow

Get every new post delivered to your Inbox.