Data collectors

As we saw from the statistics, tech giants that collect and analyze data to show us targeted advertising are present practically everywhere in the world. And it is these companies that store the most data about people from all over the planet. Read Full Article

APT trends report Q3 2019

The quarterly summaries of APT activity are based on our threat intelligence research and provide a representative snapshot of what we have published and discussed in greater detail in our private reports. This is our latest installment, focusing on activities that we observed during Q3 2019. Read Full Article

Master Keys and Vulnerabilities

Last weeks have been quite busy with announcements of either master keys or Chinese master keysbeing unveiled, both qualifying as critical vulnerabilities for the Android platform. Although things have finally calmed a bit, we are still waiting for the final act in Las… Read Full Article

March 2013 Microsoft Security Bulletins – Low Impact from Pwn2Own, Watch USB Drives for Another Stuxnet

Microsoft releases nine March Security Bulletins. Four of the Bulletins are rated critical, but of the 20 vulnerabilities being patched, 12 are rated critical and enable remote code execution and elevation of privilege. Microsoft software being patched with critical priority include Internet Explorer, Silverlight, Visio Viewer, and SharePoint. So, pretty much every consumer running Windows, and lots of Microsoft shops, should be diligently patching systems today.

Read Full Article

TURKTRUST CA Problems

Microsoft just publicly announced a release to actively “untrust” three certificates issued by Certificate Authority TURKTRUST, a subsidiary of the Turkish Armed Forces ELELE Foundation Company. According to Microsoft, the company made several mistakes resulting in fraudulent certificates issued that could be used to MiTM encrypted communications with gmail or other google properties.

Read Full Article