Easier to steal technology than create your own: China acts

KrebsOnSecurity has a story discussing an old intrusion. The manufacturers of the successful Iron Dome anti-missile shield (Elisra Group, Israel Aerospace Industries, and Rafael Advanced Systems) found out about it during 2011-2012. The hackers, “Comment Crew”, stole sensitive documents from the manufacturers' networks over the course of a year, including a 900 page …

Elasticsearch vulnerability helping cause Denial of Service attacks

Securelist has the story. Elasticsearch is open source cloud software, a search and analytics engine, running at a lot of cloud companies. But apparently it has a vulnerability which hackers are abusing, “including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, …

Bromium says IE browser 2x more attacks than others

The Bromium report has the information plus a lot more. Two items of note in the report: 1. The types of exploits occurring in IE, Java and Flash. The security system of the operating system (ASLR and DEP) was exploited in zero-day attacks in Internet Explorer (IE). The new Adobe ActionScript feature was exploited in Flash. And …

2Q report by IBM X-Force, 23% of websites vulnerable.

CSRF, or cross-site request forgery, is the most likely method of attack. Broken authentication is second, and cross-site scripting (XSS) is third. SQL injection as well as security misconfigurations are also higher than 10% of the vulnerability types. The IBM report at the X-Force blog recounts the challenges a web application scanner has as to …

Apple beats estimates, what is this backdoor in iOS?

Today Apple beat estimates (Deadline.com), with 35.2 mil iPhones sold. Threatpost has the info about a “stream of data” on an iPhone. It looks like Jonathan Zdziarski, a forensic scientist (on Twitter: @JZdziarski), found a backdoor in iOS; it is supposedly used by Apple for troubleshooting, diagnostics and enterprise. Apple responded to …