Tag: Technical & Product

Sharpening Your Security Intelligence Ax with Big Data

If you are the typical enterprise, you potentially have tens of thousands of software vulnerabilities spread across thousands and thousands of machines in your network. The possibilities for using existing data to enhance your vulnerability...

Taking on a Zero Day with Intelligence

The situation described here does not come from the ivory tower; instead it comes from the real world and shows how to rapidly and efficiently address a zero-day vulnerability. You are probably already overwhelmed with patching. Alternatively, you...

Android 4.3 is Here! What Does it Mean for Security?

Let's take a few minutes to examine the changes Android 4.3 Jelly Bean introduces from a security perspective. While ultimately, the specific nature of the Android 4.3 Jelly Bean firmware image from the device manufacturer...

IBM Announces Intention to Acquire Trusteer

Attackers are becoming more sophisticated and their malware more difficult to detect and block. New solutions are needed. Today, IBM is announcing the acquisition of Trusteer, a leader in combatting web fraud and the defense against advanced...

Subverting BIND's SRTT Algorithm: Derandomizing NS Selection

New vulnerability found in BIND, the most popular DNS server. Exploiting this vulnerability allows to reduce the amount of effort required for an off-path (blind) DNS cache poisoning attack. This blog post describes the vulnerability in a less...