225 Posts

Larry Loeb

Principal, PBC Enterprises

Larry Loeb has written for many of the last century's major "dead tree" computer magazines, having been, among other things, a consulting editor for BYTE magazine and senior editor for the launch of WebWeek. He wrote for IBM's DeveloperWorks site for seven years and has written a book on the Secure Electronic Transaction Internet protocol. His latest book has the commercially obligatory title of Hack Proofing XML. He's been online since uucp "bang" addressing (where the world existed relative to !decvax), serving as editor of the Macintosh Exchange on BIX and the VARBusiness Exchange.

Written By Larry Loeb

Bot Chatter: Ragebot Botnet Malware Morphs

The botnet malware known as Ragebot, which notably uses IRC to control infected devices, has resurfaced with improved features.

An Evolving Threat: Ransomware in 2017

IT leaders must prepare to protect their environments from new types of ransomware in 2017, since the new year is sure to bring fresh threats.

Credential-Stuffing Schemes Rely on Recycled Login Information

Credential-stuffing schemes rely on the widespread, irresponsible practice of using the same login credentials to access multiples accounts.

Attacks on Embedded Open Source Code Could Rise by 20 Percent This Year

Researchers from Black Duck Software expect the rate of attacks against known vulnerabilities in open source code to increase by 20 percent in 2017.

Asia-Pacific Ransomware Attacks Emerge in the U.S.

Researchers have observed an increase in Asia-Pacific ransomware so far in 2017. Variants of these sophisticated attacks are likely to emerge in the U.S.

GoDaddy Goofs Up on SSL Certificate Security

GoDaddy had a SSL certificate security problem. A flawed authentication protocol caused the site to revoke 9,000 SSL certificates.

New PoC Exploit Weaponizes Security Research

The authors of the Sundown exploit kit leveraged research conducted by Texas-based security firm Theori to develop a PoC exploit.

Botnet Phones Home Via Ghost Host

Researchers disclosed a new method known as "ghost host," in which malware authors input false names in the HTTP host fields of a botnet's communications.

New Phishing Scam Uses Fraudulent PDF Files

A security researcher disclosed a new phishing scam that prompts users to click a malicious link and enter login information to unlock a fraudulent PDF.

The FTC Will Pay for an IoT Patching Tool

The FTC will sponsor a contest during CES 2017 to develop an IoT patching tool that enables users to promptly update software and eliminate vulnerabilities