Last week, we gave you some tips for National Cybersecurity Awareness Month, walked through an exploration of a small adware file, and explored the complicated world of the Homograph attack. Here's what else happened in security.
VB2017Many of our team members attended VB2017 in Madrid, one of the premier yearly security conferences that brings together researchers, companies, law enforcement, and more in an effort to explore the latest security research. Here's a collection of articles from The Register's John Leyden, who was in attendance:
- Bulletproof hosts stay online by operating out of disputed backwaters: A look at how dubious hosts are retreating to places where they can continue to offer dubious services.
- Spy vs. spy vs. hacker vs... who is THAT? Everyone's hacking each other: The problem of Intel gathering when everyone is muddying the waters.
- Hey, IoT vendors. When a paediatric nurse tells you to fix security, you definitely screwed up: The alarming world of IoT medical devices.
- Avast urges devs to secure toolchains after hacked build box led to CCleaner disaster: An interesting look at the timeline behind the recent CCleaner issues.
- Video games used to be an escape. Now not even they are safe from ads: My own talk, where I explore the long(ish) history of Advergaming, tricks used to force you to look at ads in games, and how it threatens to reshape many of your real-world interactions via augmented reality. Once the VB talks are uploaded to YouTube, I'll be linking to many of them.
- 3 billion Yahoo! accounts affected by 2013 breach: whoops.
- The privacy implications of email tracking: Interesting research on the problems posed by such techniques (source: Help Net Security)
- The font fake out: malicious fake fonts are still causing headaches (source: Bleeping Computer)
- One phish = one fish: Santander are touring the UK and trading one meal of fish and chips for a copy of a phishing mail/text. Yum! (source: CampaignLive)
- Phishing via email intercept: A clever way to wander into a conversation without permission (source: ZDNet)