2011

  1. On Friday December 9th, security reseller Accuvant published a Google-funded report in which Google Chrome comes out on top, seemingly at the expense of Mozilla Firefox. At the request of several enterprise clients, NSS Labs has reviewed the Google/Accuvant publication... Read more

  2. Last Friday, NSS researchers announced their findings on Duqu in a blog post. We also pointed to our open source tool that we've shared with the security research community. Since posting, the tool has been viewed over 18,000 times and 45 different forks have been created from the GitHub repository in the few days it has been up. Read more...

  3. While there has been a lot written about DuQu, and some talented researchers – particularly Budapest-based CrySyS Labs – have done good work, there have been some key omissions and misinformation, as well as retractions and restatements. Having performed our own extensive analysis of the code, we wanted to provide the following succinct summary of our findings. Read more...

  4. It is often said that there is no such thing as security through obscurity. However, if the purpose is to evade detection, then security through obscurity is a valid option; it is hard for data to be compromised if that data is never found. Read more...

  5. First things first. The so-called Siri "vulnerability" that was widely reported this week is a dumb non-issue created by journalists seeking sensationalist headlines. A simple setting disables the ability to use Siri without unlocking the phone, rendering the whole issue moot. What the sensationalists fail to take into account is that the iPhone is a consumer device. Most consumers don't even use a passcode. The obvious default setting for Siri in this case, as one of the attractive new USPs of the iPhone 4S... Read more

  6. Performance and effectiveness claims from vendors of network security products can never be taken at face value. In a process crucial to making the right buying decisions, how do the CISO, CIO and other security professionals ensure that new in-line security products are tested thoroughly in an environment that replicates as closely as possible that found in his or her own network? Read more...

  7. This weekend the infosec community lost one of its early pioneers and formative forces. Gene Schultz was also an advisory board member of NSS Labs. He was a wise, kind soul, and a consummate gentleman. I was personally graced by his mentorship, encouragement, support, and friendship over the last 7 years. He will be sorely missed and well remembered.

    Gene's obituary, as written by long-time friend and another icon in infosec. http://www.cerias.purdue.edu/site/blog/post/gene_schultz_r._i._p/

  8. Lately we have been seeing Trojans downloading and installing the SIPVicious suite, which is primarily used to audit SIP-based VoIP systems. This is a good example of how a toolset developed with good intentions is misused by malware authors. For starters, the SIPVicious suite is a set of tools that can be used to audit SIP-based VoIP systems. It currently consists of five tools: Read more...

  9. I have taken a significant number of inquiries recently from NSS Labs’ enterprise clients to discuss the increase in the level of demand for employee-owned devices to be used on corporate networks. One of the disturbing trends is the number of CIOs admitting that end users are connecting those devices to the enterprise network with or without permission. Where security requirements and risk profiles permit, many organizations would be better advised to accommodate and control this behavior rather than attempt to prohibit it. Read more...

  10. NSS Labs security analysts have been researching the global threat landscape for activity across three main categories: socially-engineered malware, phishing, and exploits. Over the last few years we've actively tracked numerous trends; the rise of phishing, the shift from remote to client-side exploits, the explosion of web-based malware, the increasing use of evasion and obfuscation techniques to circumvent security products, etc. (And we've incorporated these changes into our real world testing in order to give enterprise customers the most accurate product assessments available - often with shocking results.) Read more...