Internet of Things

A Java vulnerability seemingly discovered by a French researcher has been confirmed by the US Government.

Offending the AV industry is one thing, but do you want to base a security strategy (at home or work) on a PR exercise based on a statistical misunderstanding? (Yes, I'm being diplomatic here...)

Apache modules are add-on code taking advantage of the Apache module API to extend the functionality of the standard Apache distro. In this case, the binary's functionality was malicious, but there is no exploitation of a known Apache vulnerability in this case.

Win32/Spy.Ranbyus shows how it is possible to bypass payment transaction signing/authentication with smartcard devices and has started to modify java code in one of the most popular remote banking systems (RBS) in the Ukraine.

More than half of all web servers on the Internet use Apache, so when we discovered a malicious Apache module in the wild last month, we were understandably concerned.