Guest Posts

By David Jacoby

At the time of writing there is a new Facebook phishing attack going on. It will not just try to steal your Facebook credentials; it will also try to steal credit card information and other important information such as security questions.

This Facebook phishing attack is pretty interesting because it does not just try to trick the victim into visiting a phishing website. It will reuse the stolen information and login to the compromised account and change both profile picture and name. The profile picture will be changed to the Facebook logo and the name will be translated to “Facebook Security” but containing special ascii characters replacing letters such as “a” “k” “S” and “t”. Read more »

By Joe Basirico

While assessing software systems of all types a few common mistakes regularly come up. These aren’t mistakes that lead directly to vulnerabilities, but mistakes in how some software companies think about security, that can lead to invalid assumptions, and ultimately which can allow real security vulnerabilities to slip through the cracks. Read more »

By Art Coviello

I just came back from a five-week trip of meeting with customers around the world and never in my entire career have CEOs and corporate boards been as interested in security as they are now. The common theme throughout these conversations was that we are facing a new reality - one of persistent, advanced and intelligent threat.   Read more »

By Vyacheslav Zakorzhevsky

Since June 2011 we have seen a substantial decrease in the number of fake antivirus programs. Right now we are observing 10,000 daily attempts to infect users with Trojan-FakeAV; back in June the figures were 50-60,000. Read more »

By Alex Gostev

Our investigation and research of Duqu malware continues. In our previous report, we made two points: Read more »

By Tillmann Werner

Earlier this week, Microsoft released an announcement about the disruption of a dangerous botnet that was responsible for spam messages, theft of sensitive financial information, pump-and-dump stock scams and distributed denial-of-service attacks. Read more »

By Dmitry Tarakanov

My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program includes substantial enhancements, which should be interesting to those cybercriminals who steal money from users with the help of banking Trojans. Read more »

Perhaps no segment of the security industry has evolved more in the last decade than the discipline of software security. At the start of the 2000s, software security was a small, arcane field that often was confused with security software. But several things happened in the early part of the decade that set in motion a major shift in the way people built software: the publication of Bill Gates's Trustworthy Computing memo, the release of Building Secure Software and Writing Secure Code, and a wave of high-profile attacks such as Code Red and Nimda that forced Microsoft, and ultimately, other large software companies, to get religion about software security. To get some persepctive on how far things have come, Threatpost spoke with Gary McGraw of Cigital about the evolution of software security since 2001.

By Chris Wysopal

In the days following 9/11 we heard alarmist warnings of a coming wave of cyberterrorism. In the early days of the war in Afghanistan when an Al Qaeda computer was found, it was treated as evidence that terrorists knew how to use computers so therefore they would soon be sending worms to shut down or blow up our power plants. During that time I was interviewed on a CNN talk show describing what a terrorist might be doing with a computer that was found to have computer aided design (CAD) software on it.  I said it might be used to figure out the best place to plant a bomb to cause the most damage to a structure.  This wasn’t cyberterrorism. It was using the computer as an engineering tool.  Somehow this got lost by the host of the show who kept on plugging away that cyberterror from Al Qaeda was coming soon.  That never materialized and in the last 10 years I don’t think there has been any documented cases of cyberterrorism.

By Joe Basirico

As a security researcher, I regularly come across software vulnerabilities. Some can have a deep and lasting effect on the way customers and clients view the security of the organization and some can have a fairly minimal impact. Read more »