2005, Malware and Security

WinRAR Absolute Path Traversal Vulnerability Leads to Remote Code Execution (CVE-2018-20250)

Tenable

FEBRUARY 25, 2019

Possibly the first malware delivered through mail to exploit WinRAR vulnerability. dll, the DLL file used by WinRAR to parse ACE archives that has not been updated since 2005 (14 years ago). Join Tenable's Security Response Team on the Tenable Community. An exploit script was published to Github one day after CPR’s blog post.

Windows

Windows Malware Research Video

Broadcom Software & the U.S. Government: Partners on Cyber Defense

CIO

AUGUST 22, 2022

to meet with policymakers and government customers to talk about the future of cybersecurity. Broadcom Software solutions secure digital operations across the federal government, and our Global Intelligence Network (GIN) evaluates and shares insights on the ever-evolving cyber threat landscape with U.S.

Government

Government Security Software Weak Development Team

25 Feb Cloudera Federal Forum in Tysons Corner: Amazing agenda filled with lessons learned and best practices

CTOvision

FEBRUARY 4, 2015

Data Security—What’s New and What’s Next? Chief Security Architect, Office of the CTO, Cloudera. Security Spotlight: Focus on HIPAA and PCI Compliance. Chief Security Architect, Office of the CTO, Cloudera. Security and Compliance in the Era of Big Data. Chief Security Architect, Office of the CTO, Cloudera.

Fractional CTO

Fractional CTO Technical Review Big Data Analytics

Clickjacking 2017

Jeremiah Grossman

JUNE 3, 2009

The future: Long standing Web application security scourges such SQL Injection (SQLi), Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) are finally under control. A six year gap sparking the software security revolution. XSS experimentation began around 1997 with few appreciating its true power until 2005 (8 years).

Malware

Malware Advertising Research Examples

Join Architects, Planners, Program Managers, Data Scientists at 4th Annual Cloudera Federal Forum in DC 25 Feb

CTOvision

JANUARY 18, 2015

Data Security—What’s New and What’s Next? Chief Security Architect, Office of the CTO, Cloudera. Security Spotlight: Focus on HIPAA and PCI Compliance. Chief Security Architect, Office of the CTO, Cloudera. Security and Compliance in the Era of Big Data. Chief Security Architect, Office of the CTO, Cloudera.

Fractional CTO

Fractional CTO Program Management Programming Big Data

Into the Data Breach: Facts and Statistics You Should Know About

Apiumhub

DECEMBER 17, 2019

They can also do it by remotely bypassing network security from a secure location off-premises. Cybercriminals probe the company looking for weaknesses in its security. Hackers usually befriend their targets on social media or dupe them into opening an attachment loaded with malware. The Exfiltration. billion in 2022.

Data

Data Malware Systems Review Social

Cyber Canon Book Review: Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity

Palo Alto Networks

SEPTEMBER 23, 2019

Bottom Line: I don’t recommend this book for the Cybersecurity Canon Hall of Fame, but if you are interested in the topic, this is a good one to read. Review: When I started focusing on cybersecurity back in the early 2000s, we faced a series of routine attacks like the Melissa virus, Love Bug and Anna Kournikova.

Software Review

Software Review Technical Review Systems Review Banking

Why a Reactive Security Strategy Costs Companies Millions Each Year

CTOvision

NOVEMBER 7, 2016

With each new threat, digital security companies are learning to react more quickly and put out countermeasures for these malicious programs, but in the time between a piece of malware’s release into the wild and the release of the solution, it can cost companies a staggering amount of money. According to Inc. , According to Inc. ,

Strategy

Strategy Company Malware System

Technology Trends for 2024

O'Reilly Media - Ideas

JANUARY 25, 2024

Malicious operators have discovered that they can corrupt software archives, getting programmers to inadvertently incorporate malware into their software. Unfortunately, security problems never really go away; we expect software supply chain security to remain an important issue for the foreseeable (and unforeseeable) future.

Trends

Trends Technical Review Technology Artificial Inteligence

Seven Trends and Predictions for 2017

CTOvision

JANUARY 21, 2017

In 2005 it seemed the logical way to solve the rapid provisioning and under-utilization problem. They first introduced Amazon Web Services in 2005 with just three services. Trend #6—Security. Cybersecurity is not keeping up with criminals. Why then do Amazon, Microsoft and OpenStack all rely on virtual machines?

Artificial Inteligence

Artificial Inteligence Trends IoT Machine Learning

Iran and Hezbollah’s Pre-Operational Modus Operandi in the West – Part Two

The Cipher Brief

MAY 27, 2020

Silber was named the executive director of the Community Security Initiative, a new position created as part of UJA and JCRC-NY’s $4 million plan to help secure local Jewish institutions in the New York region. Iranian security agencies use a range of tactics to safeguard the regime, including infiltrating opposition groups.

Recruiting

Recruiting Government Travel Culture

Tom Ridge on how we should fight our ‘digital war’ (Q&A)

The Parallax

APRIL 12, 2018

To hear Tom Ridge talk about it, there was no single come-to-hackers moment that made the first secretary of homeland security and former governor of Pennsylvania realize the importance of cybersecurity. Ridge says he has been using his influence as a former politician to encourage more common-sense cybersecurity policy.

Government

Government Policies Banking Education

CTO Universe

WinRAR Absolute Path Traversal Vulnerability Leads to Remote Code Execution (CVE-2018-20250)

Broadcom Software & the U.S. Government: Partners on Cyber Defense

Trending Sources

25 Feb Cloudera Federal Forum in Tysons Corner: Amazing agenda filled with lessons learned and best practices

Clickjacking 2017

Join Architects, Planners, Program Managers, Data Scientists at 4th Annual Cloudera Federal Forum in DC 25 Feb

Into the Data Breach: Facts and Statistics You Should Know About

Cyber Canon Book Review: Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity

Why a Reactive Security Strategy Costs Companies Millions Each Year

Technology Trends for 2024

Seven Trends and Predictions for 2017

Iran and Hezbollah’s Pre-Operational Modus Operandi in the West – Part Two

Tom Ridge on how we should fight our ‘digital war’ (Q&A)

Stay Connected