Cyberwarcon is a brand new event organized yesterday in Arlington, Virginia, and delivered eight hours of fantastic content. The list of speakers was diverse in their interests, from big data visualization technologies and analysis of social media misinformation campaigns, to incidents of Russian speaking APT in the US electrical grid. Read Full Article
Looking back at a year like 2017 brings the internal conflict of being a security researcher into full view: on the one hand, each new event is an exciting new research avenue for us, as what were once theoretical problems find palpable expression in reality. On the other hand, as people with a heightened concern for the security posture of users at large, each event is a bigger catastrophe. Read Full Article
Everyone loves a decent security conference, and BSides Denver provides one with space to breathe. Folks in sunny Colorado looking for a fine local gathering found talks on advanced social engineering, APT herding, securing smart cities and more. Read Full Article
What is most interesting about the StrongPity APT’s more recent activity however, is their focus on users of encryption tools, peaking this past summer. In particular, the focus was on Italian and Belgian users, but the StrongPity watering holes affected systems in far more locations than those two. Read Full Article
This year’s Blackhat USA briefings were held at the spacious Mandalay Bay, bringing speakers from all over the world to deliver mostly technical cyber-security talks. A number of our researchers were there attending talks and participating in the parallel IOActive and BSides events Read Full Article
Microsoft releases thirteen bulletins this month, patching a total of 44 vulnerabilities. More than half of the critical vulnerabilities fixed this month support the web browsers, Internet Explorer and Microsoft Edge. Vulnerabilities rated critical also exist in Opentype font parsing kernel components, Windows Media Player, and the Windows PDF library. Read Full Article
с новым годом! Microsoft rings in the New Year with a new set of ten security bulletins MS16-001 through MS16-010, patching 24 CVE detailed vulnerabilities. Read Full Article
Microsoft posted four critical bulletins today, along with another eight rated Important and lesser. Microsoft’s summary is at the Technet site. All in all, the software maker is patching a large number of vulnerabilities this month, with 37 CVE listed vulnerabilities being fixed with the four critical Bulletins alone. Read Full Article
Microsoft releases six Security Bulletins today, three of them “critical” remote code execution, to fix almost thirty CVE-enumerated vulnerabilities. None of them are known to be publicly exploited, and only a couple are known to be publicly discussed. Read Full Article
Kaspersky Lab researchers presented a closing keynote and three other papers related to targeted attacks and APT research at Virus Bulletin 2015 in Prague. Read Full Article