Our Blog

Categories Archives


You are currently viewing all posts published under NetSec

‘Fileless’ Malware Hides in Server Hardware Components, Stealing Silently

  • Image
  • 0

A recent update for the popular security application CCleaner erupted into a cyber scandal. Millions of users downloaded the latest version of the disk clean-up program as prescribed, and with it, a computer virus. Owner of the CCleaner brand, Avast, found the breach, discovering that it entered and lingered in host servers without detection for months.

The servers belonged to Piriform, a software development company that sold CCleaner rights and hardware to Avast. The company suspects malware came bundled with Piriform server infrastructure. Not the value add Avast wanted.

Either way, the CCleaner debacle has two teachable lessons.

  • 1. Anyone can get hacked, even companies that wrote the book on cybersecurity.
  • 2. Fileless malware is a problem that affects a lot of business infrastructure.

Read more

Go Phish! New FBI Director Wants to Pay You $3.5M

  • Image
  • 0

Go phish! Let's identify a phishing e-mail. This sample spoofs the fbi.gov e-mail domain. It comes addressed from new director Andrew McCabe, who wants to wiretap the Internet apparently. The boilerplate adds some authenticity. Watch out for scams!, it says. The stilted English is the dead giveaway here. Read the second paragraph in the voice of Groot from Despicable Me.

Read more

Most Open Source E-Commerce Apps Fail PCI Compliance

  • Image
  • 0

Two-thirds of open source applications used in business have known vulnerabilities. More than half of those vulnerable apps are rated as “high” severity by the National Institute of Standards and Technology (NIST). They’re not written in obscure languages and frameworks, either—Linux Kernel v.2.6.27.7 and PHP v. 4.0.0 were the two more frequently identified in the report.

Read more

This is a unique website which will require a more modern browser to work! Please upgrade today!