Security Alerts & News
by Tymoteusz A. Góral

#1407 “Foghorn” takes users out of phish-fighting with DNS “greylisting”
Clickers gonna click. Despite mandatory corporate training, general security awareness, and constant harping about the risks of clicking on unverified links in e-mails and other documents, people have been, are now, and forever will click links where exploit kits and malware lurk. It's simply too easy with the slightest amount of targeted work to convince users to click.

Eric Rand and Nik Labelle believe they have an answer to this problem—an answer that could potentially derail not just phishing attacks but other manner of malware as well. Instead of relying on the intelligence of users, Rand and Labele have been working on software that takes humans completely out of the loop in phishing defense by giving clicks on previously unseen domains a time out, "greylisting" them for 24 hours by default. The software, a project called Foghorn, does this by intercepting requests made to the Domain Name Service (DNS).
Read more
#1412 This data-stealing Trojan is the first to also infect you with ransomware
#1411 Report: Smartphone infection rate doubled in first half of 2016
#1410 TorrentLocker: Crypto-ransomware still active, using same tactics
#1409 New OSX security updates patch same zero-days as iOS 9.3.5
#1408 New cloud attack takes full control of virtual machines with little effort
#1407 “Foghorn” takes users out of phish-fighting with DNS “greylisting”
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12