A zero-day or zero-hour exploit is exploiting a network’s vulnerability by launching an attack on the same day that the vulnerability begins, or becomes known. Network administrators, anti-virus providers, and software developers take time to discover and understand the nature of the vulnerability and set up protective measures such as patches or increasing security, but the attacker takes advantage of this critical time lag to do the damage.

Continue Reading →

The recent case of hackers penetrating defense major Lockheed Martin’s network is an eye-opener for companies to strengthen their network security measures. The hacker apparently used sophisticated methods of penetration using RSA SecureID tokens, hitherto considered amongst the best form of protection in the industry. RSA SecurID offers a two layer protection by requiring users to enter their password and a secret code number generated cryptographically (that changes ...

The proliferation of URL shorteners online, especially for social network sites such as Twitter that restrict tweets to 140 characters, and the subsequent popularity of shortened URLs raise grave security risks. URL shorteners mask the real identity of the web-page, and users who click on such shortened links ignore the cardinal rule of internet security “Never click on unknown links.” Unsuspecting users clicking on shortened URLs that contain ...

Anti-malware is a reactive technology, with most anti-malware applications checking signatures to detect malware. Anti-malware operators use honey pots and other methods to identify malware, or users submit malware files to them after succumbing to attacks. The anti-malware applications keeps a database that is updated constantly and checks all traffic against such signature.

What this effectively means is anti malware applications will not recognize a malware if ...

With security systems now able to identify most botnets and spams, mass-spam attacks have lost financial appeal to spammers. Spam statistics collected by Cisco’s Security Intelligence Operations (SIO) confirm this trend. The total number of spam declined from 300 billion in June, 2010 to 40 billion in June, 2011. A major reason for this noticeable drop is the concentrated international effort that succeeded in neutralizing or removing the world’s worst ...

Stuxnet, the “malware with a mission” earned notoriety last year when it corrupted the programmable logic controllers (PLCs) that operated the centrifuges used to enrich uranium at the Natanz nuclear plant in Iran. This malware speeded up and then slowed down the centrifuges, all the while reporting to the nuclear plant operators that the centrifuges are working properly.

Stuxnet accomplished this feat using zero-day vulnerabilities, manipulating the ...

In yet another instance of reputation attack, the media mogul Fox News had its twitter account compromised and used to publish fake news of US President Barrack Obama’s assassination!

The hackers entered the account by about 2 AM New York Time and started adding a stream of feeds that read –

“BREAKING NEWS: President @BarackObama assassinated, 2 gunshot wounds have proved too much. It’s a sad ...

The US Department of Homeland Security investigation on how hackers managed to hack into the defense major Lockheed Martin has revealed new details of how the breach occurred. Human error was apparently the culprit.

Hackers exploited the news that RSA Security, the company that provided security tokens to Lockheed, was hiring employees. The hackers sent emails with attached Excel spreadsheets titled “2011 Recruitment Plan,” to two small ...