Exposed Redis Instances Abused for Remote Code Execution, Cryptocurrency Mining
By David Fiser and Jaromir Horejsi (Threat Researchers) Recently, we wrote an article about more than 8,000 unsecured Redis instances found in the cloud. In this article, we expound on how these instances can be abused to perform remote code execution (RCE), as demonstrated by malware samples captured in the wild. These malicious files have […] more…Demystifying Blockchain: Sifting Through Benefits, Examples and Choices
You have likely heard that blockchain will disrupt everything from banking to retail to identity management and more. You may have seen commercials for IBM touting the supply chain tracking benefits of blockchain.[i] It appears nearly every industry is investing in, adopting, or implementing blockchain. Someone has probably told you that blockchain can completely transform […] more…International Women’s Day in the Channel
I have had the privilege of working with many exceptional people over the course of my career. For International Women’s Day this year, I wanted to feature some of the dedicated and talented women I have the opportunity to work with in the Channel. The following individuals have great advice and stories that we all […] more…Spam and phishing in 2016
The year in figures According to Kaspersky Lab, in 2016: The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015. 62.16% of spam emails were no more than 2 KB in size. 12.08% of spam was sent from the US. Trojan.Win32.Bayrob was the most popular malware family […] more…More information
- Diablo 3 Scams Preempt Game Release
- Adobe Flash Player and AIR CVE-2014-0569 Integer Overflow Vulnerability
- Pwned List now offering post-breach notification service to businesses
- Trump Says Will Bar TikTok From US
- Apple Delays Change Likely to Stymie Mobile Ad Targeting
- North Korea-linked Geumseong121 APT group is sending spear-phishing emails to target people interested in North Korean refugees
- Thieves may have used GPS to track burglary victim
- Russian Security Vendor Positive Technologies Dropped From MAPP Member List
- Elon Musk appears to offer $1 million bounty to ‘convict’ those responsible for Twitter ‘botnets’
- Mozilla Launches Secure Open Source Fund