Malware RSS Feed
In this post, George Silowash describes the results of research exploring how organizations can know if an insider threat product will meet their needs.
The percentage of spam in email traffic in July was up only 0.1 percentage points and averaged 71.2%.
In this post, the third installment in a series, David Mundie describes efforts to organize a pattern language for insider threat in a way that makes it as usable as possible.
Step 1: How this started
While I was investigating the Trojan.JS.Iframe.aeq case, one of the files dropped by the Exploit Kit was an Applet exploiting a vulnerability:
Not many weeks ago Google released a new revision of its flagship mobile operating system, Android 4.3. Although some say that this time updates have been quite scarce, from a security perspective there have been some undeniable improvements (among others, the "MasterKey" vulnerability has finally been patched). One of the most prominent is SELinux. Many cheered the event as a long-awaited move, while others criticized its implementation. Personally, I think that the impact is not that easy to assess, especially if we were to question the benefits for end-users. In order to shed some light, we can't help but analyze a bit more what SELinux is, and what its threat model is.