A new web portal is aiding cyber-threat incident responders by detailing vulnerabilities in popular malware, but its existence is causing debate among security professionals. Although intelligence sharing within the cyber-security community is vital, some community members have valid concerns about the publication of malware details. These include a potential loss of valuable intelligence for researchers conducting secretive operations. In addition, the vulnerabilities’ details could benefit cyber-threat actors who are pursuing constant improvements to their malicious tools. The portal, created by bug bounty hunter John Page, has yet to become popular; if it evolves into a primary resource for network defenders, it will inevitably also benefit their adversaries.
Most Recent Flipbooks
The US government has issued an alert about the Iran-linked "MuddyWater" advanced persistent threat group
Microsoft has announced plans to restrict its product users' ability to manually enable macros in several Office documents
A recent attack showed the potential of cyber-threat activity when used by a nation-state for coercion.
The FBI has warned of a recent surge in cyber attacks that use quick response (QR) codes.
The Federal Security Service of the Russian Federation (FSB) conducted a series of raids and arrests against at least 20 members of the "REvil" ransomware group.
Researchers have discovered a critical vulnerability in the popular open-source Java SQL database H2
For 2022, cyber-security practitioners must be extraordinarily nimble and adept. Plus information on telegram dropping malware, North Korean group exploits Russia, and Log4j crisis spilling in to 2022