Blog Posts Tagged with "Vulnerabilities"
November 13, 2012 Added by:Rafal Los
It's human nature, and just the way we are wired... I know I can feel some of that on myself when I hear that phrase. I guess I would change it to be slightly more effective (or harder to dismiss) by adding "at this time" at the end of the sentence - although I doubt it would make too much of a different...
November 11, 2012 Added by:Pierluigi Paganini
Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...
October 31, 2012 Added by:Dan Dieterle
What information is being broadcast by your computers, company, or employees, that don’t show up in a software scan? Many companies think that if they just run a vulnerability scan and it passes that they are good, but is this an accurate test of your network security?
October 29, 2012 Added by:Fergal Glynn
Using the watering hole analogy, if you are the owner of a location where people congregate to drink you need to keep the beverages safe and clean. Unfortunately digital safety is decades behind food safety. If you own a website you need to understand what SQL Injection and XSS are...
October 22, 2012 Added by:Dan Dieterle
Patch management systems enable you to maintain full control of your systems’ patching activities. You can deploy security patches to test machines, and then push them out to all the rest of your machines, and also run reports to ensure that you have 100% compliance across all servers and workstations...
October 18, 2012 Added by:Jayson Wylie
I highly encourage anyone to look into the current mechanisms which count the people’s vote state-by-state, but even more I encourage the security industry and public to voice outrage for not putting security first in our sacred democratic election process...
October 17, 2012 Added by:Fergal Glynn
By now, our readers have undoubtedly seen the buzz about a serious security vulnerability in Oracle Java, with corresponding exploit code making its way around in the form of active, in-the-wild attack campaigns, as well as penetration testing tools...
October 13, 2012 Added by:Rafal Los
Besides all the obvious security vulnerabilities in your enterprise there is an even bigger problem lurking just below the water. At that intersection between critical system and security vulnerability is something many IT professionals acknowledge as the big pink elephant in the room - the "brittle system"...
October 08, 2012 Added by:Pierluigi Paganini
In the last decade the number of cyber incidents related to technologies that surround us is growth exponentially, the principal concerns are related to all those objects with an "intelligent component" that we daily use expose on internet for different purposes...
October 04, 2012 Added by:Jeremy Sobeck
As a Penetration Tester, this vulnerability is sought out because it is highly reliable and very low risk. As an attacker, the fact is the attack still works. The vulnerability was widely used in conjunction with the Conficker worm, which affected more than 9 to 15 million systems...
September 26, 2012 Added by:Rafal Los
Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...
September 20, 2012 Added by:Jeff McCutchan
All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...
September 19, 2012 Added by:Stephen Marchewitz
Every time I read something regarding the core terminology in security and risk management, I start to question whether they really know what they’re talking about. Even worse, some speak with so many words and such arrogance, I start question whether I know what I’m talking about...
September 12, 2012 Added by:Fergal Glynn
One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...
September 10, 2012 Added by:Le Grecs
Convenience vs. Security: My goal of not installing Flash and Java on a new system didn't last more than a few hours. Yet, as infosec professionals, following the disable unnecessary services philosophy, we advise not installing these types of applications for security reasons...
September 07, 2012 Added by:Drayton Graham
A number of organizations are still using Windows 2000. It is up to the organization to determine the acceptable risk for continued use of Windows 2000-based systems. If Windows 2000 is a necessity at this time within your environment, here are some security techniques you can implement...
Wanna Buy Some Dumps?... Biniohs Chekcer on 06-19-2013
Student Pleads Guilty to Counterfeiting Coup... on 06-18-2013