Microsoft’s Internet Explorer 10 is the most secure web browser according to the results of a mid-May 2013 NSS Labs’ analysis. Apple Safari 5, Google Chrome 25/26, Internet Explorer 10, Mozilla Foxfire 19 and Opera 12 were all evaluated against malware downloads and socially engineered malware. Results show that Chrome’s malware download protection improved significantly, up to more than 83 percent from a 70 percent performance in NSS’ October 2012 analysis, Browser C…
Tufin Talks ‘Magic’ in Network Security Abstraction
There’s no shortage of reports on the latest network security breaches. Each incident holds its own valuable security lesson but it’s beneficial to recognize the incremental successes paving the way to progress. That’s exactly what Reuven Harrison of Fortinet’s solution partner Tufin did in a blog published last week.
The Honeywords Solution
It’s rare that a week goes by without headlines of data breaches or malware attacks – or the introduction of a solution to stop them in their tracks. The latter is increasingly important, thanks to a rash of exploits on LivingSocial, eHarmony, Sony and Evernote – all part of a long, growing list of high-profile targets. The latest, greatest remedy is what researchers at MIT and RSA have dubbed “honeywords” – a new way to deter hackers from leveraging data…
11MB for a simple conference program application?
As I was following the tweets of IEEE S&P, one of the top academic conferences on security, I saw they had created a special application for the people attending the conferences, with the agenda, paper abstracts and a few news. Figure 1. IEEE Security & Privacy Android application Curious, I downloaded the application for Android (air.org.computer.confprog.sp.apk) and ran it through my automated analysis scripts.
App Security Wins Move at Snail’s Pace
Of 200 enterprise security professionals recently surveyed by Enterprise Strategy Group, 79 percent report Web application security attacks in the past year. In a late April Network World blog on the topic, Jon Oltsik, a principal analyst at ESG, said the study also found thieves attacked Web application features and functions such as application authentication, configuration management, application authorization and session management. Oltsik says the good news is that there’s more em…
XRoads Networks Introduces WEBaXcel™ With Advanced Web Filtering and Link Bonding Technologies
IRVINE, CA–(Marketwired – May 8, 2013) – XRoads Networks, a leading provider of unified bandwidth management platforms, today announced a unique innovation to its EdgeXOS product line. The WEBaXcel network appliance is the only solution on the market that incorporates XRoads Networks’ unique broadband bonding technology with an enterprise class, cloud-enabled web filtering solution from Webroot, a leader in cloud-based security intelligence solutions. The WEBaXcel’s bandwidth bonding capability actually combines the speed of multiple ISP connections in order to accelerate web download speeds and improve overall network performance and reliability
Patch Tuesday On the Way!
Another Patch Tuesday is upon us, and both Microsoft and Adobe have important patches that you should implement right away if you’re impacted. Adobe’s big patch fixes a ColdFusion exploit that allows an attacker to access files located on a server with ColdFusion installed.
1,000 malicious Android samples per day
“Is mobile malware really an issue?” is probably among the most frequent questions my friends ask me regarding my work. I usually like to answer indirectly with a graph as below: Figure 1. Evolution of malicious Android samples.
Microsoft Releases IE8 Fix-It Patch
Are you using Internet Explorer 8? If so, you need to read on
Finding Similarities and Differences at DEX Level
Some time ago, I analyzed two similar samples of Android/Smsilence.A!tr.spy, a fake Vertu application that spies on its victim. One the samples was targeting a Japanese audience, while the other sample was for Korean end-users