Google Uses Reputation To Detect Malicious Downloads
An posting from DarkRead about Google Uses Reputation To Detect Malicious Downloads: Google researchers have combined a number of reputation techniques to create a system that is 99 percent successful in detecting and blocking malicious executables downloaded by users of its Chrome browser.
The system, known as Content-Agnostic Malware Protection or CAMP, triages up to 70 percent of executable files on a user’s system, sending attributes of the remaining files that are not known to be benign or malicious to an online service for analysis, according to a paper (pdf) presented at the Network and Distributed System Security Symposium (NDSS) in February. While the system uses a blacklist and whitelist on the user’s computer to initially detect known good or bad files, the CAMP service utilizes a number of other characteristics, including the download URL, the Internet address of the server providing the download, the referrer URL, and any certificates attached to the download.
To read more click here:
What the Cloud means to Enterprise Security
The enterprise security industry is being completely transformed by the emerging world of the mobile, social, BYOD enterprise. As the traditional corporate security perimeter evaporates, the challenges of authenticating and securing mobile, globally dispersed employees from advanced web threats expands exponentially. In response, today’s leading edge CISO’s and senior IT executives are turning to security-as-a-service to solve what may be the toughest challenge they’ve faced in years.
Join guest speaker Lawrence Orans, Research Director at Gartner, for a complimentary webcast to learn what the cloud means to your enterprise security, and the key capabilities to look for as you move to incorporate cloud technology into your enterprise security strategy.
Click Here to Register.
You’ll learn:
- Why the proliferation of mobile devices is making your traditional security appliance infrastructure irrelevant
- The key requirements of a global “security-as-a-service” solution and how it’s complementing existing security infrastructures
- How “security-as-a-service” is enabling the world’s largest companies to reduce backhaul traffic costs by more than 60%
- How “Big Analytics” is providing actionable insights into security threats, user productivity, and compliance violations
- How the world’s largest Security Cloud is securing today’s most demanding global brands
Don’t miss this opportunity to hear from industry thought leaders how a move to the cloud can drive your business forward and create a scalable infrastructure that securely enables innovation.
Click Here to Register.
About Zscaler
Zscaler is transforming enterprise security with the world’s largest security cloud built from the ground up to safely enable users doing business beyond the corporate network. See why global enterprises are using Zscaler today to simplify their IT operations, consolidate point security products, and securely enable their business for mobility, cloud and social media.
Why Your Next Phone Will Include Fingerprint, Facial, and Voice Recognition
An posting from Forbes about Why Your Next Phone Will Include Fingerprint, Facial, and Voice Recognition :
In some ways, it’s a marvel that even half of consumers bother to lock their phones.
You would think the benefits would be obvious enough: by entering a few numbers, you can achieve a basic level of protection from prying eyes. But according to a recent study, 44% of users said that even this was too much of a hassle – worse, 30% weren’t even worried about mobile security at all. From 0000 to 9999 there are 10,000 possible combinations of digits, yet in a sample of 3.4 million passwords, over 10% were cases in which somebody decided that “1234″ was their best choice.
To read more click here:
Public safety personnel targeted by DoS attacks flooding phone lines
An article from SCMagzine about Public safety personnel targeted by DoS attacks flooding phone lines:
Telephone lines for public safety and emergency communication workers have been inundated with bogus calls, an attack characterized by the U.S. Department of Homeland Security and FBI as telephony denial-of-service (TDoS), which is being used to extort money from victims.
Last month, both agencies issued a joint alert to public sector personnel at emergency call centers. On Monday, security blogger Brian Krebs posted the security alert on his website, making the news publicly available.
To read more click here:
Hackers Compromise The War Z Forum, Game Databases
An posting from ThreatPost about Hackers Compromise The War Z Forum, Game Databases:
Hackers compromised the forum and game database of the massively multiplayer online game, The War Z, forcing the game’s producer OP Productions to temporarily take the game and its forum offline.
In a security alert issued yesterday, OP Productions informed The War Z players of the breach and subsequent game and forum downtime. According to the alert, hackers accessed and may have exposed the players’ email addresses and encrypted passwords used to login to the game and forum, in-game character names, any information posted on the forum, and the IP addresses for machines that logged into the forum and the game.
To read more click here:
Firefox’s Version 20 Patches 11 Serious Flaws
An posting from TechNews on FireFox Patches :
Firefox was not exactly full of vulnerabilities previously, but now users of Mozilla’s customizable Web browser can rest even easier. In its 20th version, Firefox patches 11 potentially catastrophic security flaws while introducing a few privacy and convenience features for the average user.
While Mozilla still pinpoints more than 3,000 bugs for the browser, few of them threaten the average user anymore. Some of the flaws patched — like modified image files from the Cairo graphics library, or Mesa graphics drivers causing WebGL to crash on Linux
systems — were quite dangerous, but fairly obscure
To read more click here:
