As of 5.15.13, we understand from multiple sources that the WTOP and FedNewsRadio servers have been cleaned of the exploit and the all clear has been sounded. From Invincea’s perspective, it is important to point out that anytime an organization … Read More »
UPDATE: Due to heavy demand, we held a webinar on Friday 5.10.13 to discuss the attack against the WTOP and FedNewsRadio websites as well as the watering hole attacks against the U.S. Department of Labor website. For those interested, a recording … Read More »
UPDATE: At 7:42 a.m. on 5.7.13 the WTOP news website was still serving this exploit – we have had multiple conversations with concerned parties – do not browse to this site until further notice. On the evening of May 6th, … Read More »
UPDATE 3:35 pm 5.6.13 – Webinar detailing findings and methods Invincea used to detect, thwart and analyze to be held on Friday May 10th, register if you’d like by going here Part 1 is available here On Wednesday May 1st, … Read More »
UPDATED 11:30 am 5.4.13 – Correction - Microsoft confirms exploit is a zero-day as written up in Part 2 UPDATED 8:50 am 5.2.13 – Correction regarding Google black-holing of domain – details in analysis below UPDATED 2:47 pm 5.1.13 – Now available … Read More »
Java continues to be the most significant vulnerability being exploited on individual machines and enterprise networks today. As we previously described, most enterprises cannot uninstall Java, and worse, cannot upgrade Java to the latest version even as Oracle comes out … Read More »
On the heels of national tragedies an unfortunate element that consistently arises now is exploitation of the tragedy often by cyber means. The Boston Marathon Bombing is no exception. On the morning of April 17, we noticed a strange entry … Read More »
The latest and most important InfoSec news gathered in one place. Here are the stories Invincea was talking about this week: Warning! Hackers are exploiting Texas explosion news to spread malware – Naked Security Once again, cybercriminals are leaping at … Read More »
The latest and most important InfoSec news gathered in one place. Here are the stories Invincea was talking about this week: Cyber-Attacks on Infrastructure Firms Highlight Need for New Defenses – eWeek Spear-phishing against energy firms and online attacks targeting … Read More »
Managed security provider Websense recently released results from a study they conducted that showed 94 percent of browsers may be vulnerable to at least one Java exploit. Shocker considering a number of recent 0day disclosures around Java, right? We’ve analyzed … Read More »
