Original release date: November 13, 2014 Systems Affected iOS devices running iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta. Overview A technique labeled “Masque Attack” allows an attacker to substitute malware for a legitimate iOS app under a limited set of circumstances. Description Masque Attack was discovered and described by FireEye mobile security researchers
In our recent three-part series, Keeping the RATs Out ( Part 1 , Part 2 , Part 3 ), I tried to provide analysis offering you an end-to-end scenario wherein we utilized more than one tool to solve a problem. I believe this to be very useful particularly when making use of threat intelligence.
Original release date: July 28, 2014 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT)
Over the last couple of days, we have been seeing a number of quite credibly looking phishing emails that impersonate toll-road providers in the US. The agency affected by the current wave is E-ZPass, a toll charging system used mainly in the Northeast. Adapting the template to match the colors and fonts of other organizations, like Florida’s SunPass, would be easy to accomplish for the scammers though, so chances are that we will see more of this
The National Institute of Standards and Technology (NIST) Information Technology Laboratory (ITL) has announced both an updated, and a new initial draft publication, over the past two weeks that is fairly significant to most of us in the security field. The NIST ITL group is charged with â€œpromote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology through research and development in information technologyâ€�
RT @BsidesORL: #bsidesorl is April 5-6 – Thanks Platinum Sponsors @guidepointsec @BHNInsider @teamcymru @ReliaQuest – You make it happen!
RT @BsidesORL: #bsidesorl is April 5-6 – Thanks Platinum Sponsors @guidepointsec @BHNInsider @teamcymru @ReliaQuest – You make it happen! — 2 retweets 0 favorites
The original article/video can be found at Threat modeling in the name of security, (Wed, Feb 19th)