Blog Posts Tagged with "Software"
Symantec Targeted in Source Code Extortion Scheme
May 07, 2012 Added by:Headlines
“Symantec’s internal information security team has analyzed the code that was posted and has determined it is NOT Symantec source code... this is NOT Norton source code that has been posted, this is not a hack of Norton... and this does no pose a threat in any way to Norton products..."
Comments (0)
Firewalls and Anti-Virus Aren't Dead - Should They Be?
May 05, 2012 Added by:Beau Woods
Decreasing the effectiveness of firewalls and antivirus in is the way they're used. Because of the massive number of connections in and out of a network, definitions of what is and is not allowed and exactly how to allow or deny network connections have become a sprawling mess...
Comments (4)
Oracle Releases Critical Patch Updates for April 2012
April 18, 2012 Added by:Headlines
Oracle has released its Critical Patch Update for April 2012 to address 88 vulnerabilities across multiple products. US-CERT encourages users and administrators to review the April 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks...
Comments (0)
Adobe Releases Critical Updates Reader and Acrobat
April 12, 2012 Added by:Headlines
Adobe has released critical updates to address multiple vulnerabilities in Adobe Reader X (10.1.2) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier versions for Linux, and Adobe Acrobat X (10.1.2) and earlier versions for Windows and Macintosh...
Comments (0)
P2P File Sharing Security Concerns for Small Businesses
April 04, 2012 Added by:Robert Siciliano
In my own P2P security research, I have uncovered tax returns, student loan applications, credit reports and Social Security numbers. I’ve found family rosters which include usernames, passwords and Social Security numbers for entire family...
Comments (0)
EU: Possession of Hacking Tools to Become a Criminal Offense
April 04, 2012 Added by:Headlines
Cyber attacks on IT systems would become a criminal offense punishable by at least two years in prison throughout the EU under a draft law backed by the Civil Liberties Committee. Possessing or distributing hacking software and tools would also be an offense...
Comments (5)
Adobe Releases Critical Security Update for Flash Player
March 28, 2012 Added by:Headlines
Adobe has released an update for Flash Player to mitigate multiple vulnerabilities which could allow an attacker to remotely take control or cause a denial-of-service. Adobe has also announced that Flash Player 11.2 for Windows is now equipped with automatic update...
Comments (0)
A Scanning Tool or a Tool Scanning?
March 27, 2012 Added by:Scot Terban
What is worrying is that the scanner online at amihackerproof.com has no restrictions on it as to who it may scan, just put in an IP or domain name and click to hit some systems using this site. That’s right Mark Zuckerberg, you now can see if facebook.com is easily pwn-able...
Comments (0)
It's not Illegal if You Consent: Malware's Dirty Little Tricks
March 09, 2012 Added by:Rafal Los
Bad guys often rely on the end-user's lack of awareness, employing some dirty tricks like creating a convincing web page that looks just like your antivirus software, or something equally dastardly. But there's another trick that makes me crazy: End User License Agreements...
Comments (0)
A Security Resolution for Developers
February 22, 2012 Added by:Bill Gerneglia
You can’t understand how applications will be attacked if you don’t know how they work. Applications ultimately transmit data and operate on hardware in a network. Developers need to understand protocols, dependencies, communications, encryption, and more...
Comments (0)
Stealth Code for New Mutation of PHP Bot Infector
February 21, 2012 Added by:Brent Huston
I found a new mutation of a PHP bot infector, with zero percent detection by AV software. When I decoded the PHP backdoor I got 17 AV hits on it. This leads to the question about evasion techniques and how effective anti-virus applications are at doing code de-obfuscation...
Comments (0)
Antivirus Ban for Iran: A Controversial Penalty
February 20, 2012 Added by:Pierluigi Paganini
Iran will be banned from the purchase of antivirus systems, a technological embargo with clear implications for the Stuxnet virus attacks and the need to prevent further infections to control systems for critical infrastructures, namely their nuclear programs...
Comments (0)
A Better Path for Applications: Respecting Users
February 20, 2012 Added by:Electronic Frontier Foundation
Even with industry standard security practices in place, data is still vulnerable to a breach or a subpoena. Companies collecting personal data have an obligation to keep as little personally identifiable data as necessary to provide their services...
Comments (0)
Application Software and Security: A Tale of Two Market Sizes
February 20, 2012 Added by:Fergal Glynn
We spend 0.3% of what we pay for software on ensuring that it is secure. Now you can argue that manual testing is not included. However, even when you account for this variance, the gap in what we spend to buy software and what we spend to secure it is huge...
Comments (0)
Will the Real IT Security Researcher Please Stand Up?
February 13, 2012 Added by:Rafal Los
Most security researchers are comfortable with identifying flaws and racing to be the first to find zero-day vulnerabilities. Is this productive? Isn’t erring human? If that is the case, why is it surprising to find flaws in new software or applications?
Comments (2)
The Difficult Life of a Mac in the Mixed Environment
February 03, 2012 Added by:Bozidar Spirovski
We are not abandoning the Mac - it is a great tool and an asset in our little lab. But in the current state of things, it takes a lot of effort and compromise to fully migrate to a Mac platform, especially since a multi-environment knowledge is required...
Comments (2)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR