We often talk about the security risks when dealing with third-party app stores. Previous research has shown that third-party app stores are often a hotbed of malware, specifically, malicious versions of popular apps. Aside from malicious apps, we are now seeing a marked increase of “downloader apps” in these stores, whose primary function is to…
Read MoreEmail authentication and validation is one method that is used to help bring down the levels of spam and phishing by identifying senders so that malicious emails can be identified and discarded. Two frameworks are in common usage today; these are SPF and DKIM. SPF (Sender Policy Framework): Defined in RFC 7208, SPF provides a…
Read MoreSecurity researchers have announced a new “vulnerability” in Linux dubbed “Grinch“, which allows for escalation-of-privilege attacks in versions of Linux that use the polkit toolkit for privilege authorization. However, the true threat of this vulnerability is much more limited. The bug was named after the holiday season and the Dr. Seuss character, as some would say that…
Read MoreAround this time in 2013, the most commonly used exploit kit – the Blackhole Exploit Kit – was shut down after its creator, Paunch, was arrested by law enforcement. Since then, a variety of exploit kits has emerged and have been used by cybercriminals. The emergence of so many replacements has also meant that there…
Read MoreWhen I am in the United States I tend to overwork, especially up in the air as many planes today are WiFi-enabled. I just got back from New Orleans, a city with a vibrant atmosphere that I found musically and culturally rich. New Orleans was the venue of this year’s Annual Computer Security Applications Conference…
Read More