Zombies (the shambling, brain-eating kind, rather than the computer kind) are all the rage these days. They’re on TV shows and video games. There are even real-life zombie walks. For whatever reason, they’re the current, fun way we like to scare ourselves.
It's not surprising when people are looking to make a little fun mischief that they would pick zombies. There’s a point where hacking and playing come together, and we've seen this lately with zombies. People have hacked roadway signs to warn ...
The term “Watering Hole” has become a popular way to describe targeted malware attacks in which the attackers compromise a legitimate website and insert a “drive-by” exploit in order to compromise the website’s visitors. Two recent papers by our friends at RSA and Symantec documented such attacks.
Of course, such attacks are not new. This technique has long been used by indiscriminate cybercriminal attacks as well as targeted malware attacks. I documented the use of such techniques in 2009 and 2010 ...
We often debate who the most sophisticated hackers in the world are. I firmly believe that there is a direct correlation between the chess-playing community and hacking. To this point, I would tip my hat to the Eastern European hacker crews of 2011 and 2012.
There are three historical factors that distinguish Eastern Europe hackers from those in the rest of the world:
An educational culture which has long emphasized mathematics and chess
A robust underground economy
A well-developed “tradecraft’’ of criminal activity that ...
Trend Micro researcher Lion Gu, together with other security researchers belonging to the China Education and Research Network Computer Emergency Response Team (CCERT) have written a white paper titled Investigating China’s Online Underground Economy containing a comprehensive look into the cybercrime underground in China. The result of months of hard work, research, and thorough analysis, the paper describes the architecture, the targets, and the techniques of Chinese cybercriminals. (The English-language version of this paper was published by the University of ...
The month of June is turning into a very bad month for password security. Last week three major sites - Linkedin, eHarmony, and last.fm - all suffered from major leaks that put millions of user passwords online. Earlier this week, it was revealed that the game League of Legends has also suffered its own flaw which put customer data - including passwords - out into the open.
What have we learned about password security from these incidents? That people are still ...
