Friday, January 23, 2015

Google reveals 3 Apple OS X Zero-day Vulnerabilities

Project Zero has yet again revealed three more zero-day vulnerabilities this time on OS X. The team has published three zero-day exploits for Apple’s OS X, with sufficient information for an experienced hacker to exploit the bugs in an attack. The details about the zero-days were released after alerting Apple to them. All three require physical access and cannot be exploited remotely.

Google reveals 3 Apple OS X Zero-day Vulnerabilities

Google's Project Zero is an initiative that identifies security holes in different software and calls on companies to publicly disclose and patch bugs within 90 days of discovering them. The company’s tight 90-days disclosure policy encourages all software vendors to patch their products before they could get exploited.

Friday, January 16, 2015

Malwarebytes Anti-Exploit!

"Popular software programs contain millions of line of code. Hackers exploit flaws (vulnerabilities) in the code to deliver malware. Except when they can't. Malwarebytes Anti-Exploit wraps four layers of security around popular browsers, preventing exploits from compromising vulnerable code. Not an antivirus, and compatible with most antivirus, Malwarebytes Anti-Exploit is a small, specialized shield designed to protect you against one of the most dangerous forms of malware attacks. And it's free."

Better and faster compared to running the browser in a sandbox. Available only on Windows.

Download >> hosts a collection of lists that provide information on the components of legitimate and potentially unwanted programs. They are maintained by superb members of the Internet community, for the benefit of the community at large.

 + Check out this kool script (in python) that parses to the site.

Friday, January 09, 2015

ISTR Annual Report

2014 Internet Security Threat Report, Volume 19

The Internet Security Threat Report provides an overview and analysis of the year in global threat activity. The report is based on data from the Symantec Global Intelligence Network, which Symantec's analysts use to identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.

Overview and Analysis
98 pages, 11.5 MB (PDF)

Additional Stats and Information
116 pages, 3 MB (PDF)

Thursday, January 08, 2015

Android - NoRoot Firewall

While there are many firewalls including ones packaged in Antivirus apps they all require your Android devices to be rooted As the leading mobile OS Android should have an inbuilt firewall until then we hav NoRoot Firewall the app ingeniously uses the Android inbuilt VPN feature to provide filter access to apps onboard your device and due to this the app doesn't need your devices to be rooted as name suggests.