Blog Posts Tagged with "Vulnerabilities"

68b48711426f3b082ab24e5746a66b36

Automation, Dog Food and a Security State of Mind

January 20, 2013 Added by:Fergal Glynn

As a developer, I don’t focus on is security. I usually get the security correct, but my main goal is making all the parts work together well. And that’s true of most developers most of the time...

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

Don’t Be Caught Playing the Fool (A Lesson in Why Change Control is Important)

January 03, 2013 Added by:Gary McCully

This is a real world story around the dangers of not following proper change control processes when placing new systems in production. In this blog I will discuss how one person’s actions could have resulted in an attacker gaining complete access to the organization’s internal network. I am hoping this example will cause organizations to take their change control processes a little more seriou...

Comments  (0)

Af9c34417f8e5e0d240850bb353b5d40

Security is Inconvenient, Deal With It!

December 17, 2012 Added by:Keith Mendoza

ZD Net had an article entitled "Kernel vulnerability places Samsung devices at risk" and I thought "so, what's new" until I followed the link to the forum post on xda-developers. Then I just lost it because I'm certain that this is a result of plain and simple laziness...

Comments  (2)

03b2ceb73723f8b53cd533e4fba898ee

How to get into your house through SmartTV

December 14, 2012 Added by:Pierluigi Paganini

Security experts posted a video that demonstrates how it is possible to attack a Samsung Smart TV exploiting a 0-day vulnerability to gain root access on it. The hacker could remotely wipe data from attached storage devices, monitoring and controlling the victim TV...

Comments  (0)

Bd86d2b4bd72ac0ca847696eec3759f3

Compliance Combines with Vulnerability Scanning to Create Aegify

December 10, 2012 Added by:Michelle Drolet

Two security firms, the established Rapid7 vulnerability manager and eGestalt, a cloud-based compliance management provider, have signed an OEM deal that will do something for the IT security industry that hasn’t been done before: a combination security and compliance posture management...

Comments  (1)

03b2ceb73723f8b53cd533e4fba898ee

LTE networks vulnerable to jamming, a question of national security

November 18, 2012 Added by:Pierluigi Paganini

"These comments describe extremely effective attacks can be realized, using fairly low complexity. It would be in the interest of public safety to take measures to reduce the vulnerability of Public Safety LTE, and lower the likelihood of an effective jamming attack..."

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Never Attribute to Malice, But Always Verify

November 15, 2012 Added by:Fergal Glynn

FX did find hardcoded local bootloader passwords. These would require physical access and are the types of hardcoded passwords commonly found in networking gear and appliances. Yes a vulnerability but not likely nefarious...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Skype: serious vulnerability found

November 15, 2012 Added by:Pierluigi Paganini

The news is circulating with insistence on the net, Skype is suffering from a vulnerability that can expose its users to serious risks, due this reason it has suspended the password reset process.The Russian Blog Pixus.ru published a post where it described a workaround to hijack the accounts of the famous application...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

"No known exploits in the wild..."

November 13, 2012 Added by:Rafal Los

It's human nature, and just the way we are wired... I know I can feel some of that on myself when I hear that phrase. I guess I would change it to be slightly more effective (or harder to dismiss) by adding "at this time" at the end of the sentence - although I doubt it would make too much of a different...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Group-IB found a new zero-day vulnerability in Adobe products

November 11, 2012 Added by:Pierluigi Paganini

Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide

October 31, 2012 Added by:Dan Dieterle

What information is being broadcast by your computers, company, or employees, that don’t show up in a software scan? Many companies think that if they just run a vulnerability scan and it passes that they are good, but is this an accurate test of your network security?

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Moving From Poisoning the Ocean to Poisoning the Watering Hole

October 29, 2012 Added by:Fergal Glynn

Using the watering hole analogy, if you are the owner of a location where people congregate to drink you need to keep the beverages safe and clean. Unfortunately digital safety is decades behind food safety. If you own a website you need to understand what SQL Injection and XSS are...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Why Patch Management is Vital to Your Business Network Security

October 22, 2012 Added by:Dan Dieterle

Patch management systems enable you to maintain full control of your systems’ patching activities. You can deploy security patches to test machines, and then push them out to all the rest of your machines, and also run reports to ensure that you have 100% compliance across all servers and workstations...

Comments  (14)

54a9b7b662bfb0f0445d1661d7ed180b

Cyber Threats to Democracy?

October 18, 2012 Added by:Jayson Wylie

I highly encourage anyone to look into the current mechanisms which count the people’s vote state-by-state, but even more I encourage the security industry and public to voice outrage for not putting security first in our sacred democratic election process...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Advice Regarding Recent Java Vulnerabilities

October 17, 2012 Added by:Fergal Glynn

By now, our readers have undoubtedly seen the buzz about a serious security vulnerability in Oracle Java, with corresponding exploit code making its way around in the form of active, in-the-wild attack campaigns, as well as penetration testing tools...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Brittle Systems - Unmasking Enterprise Security's Quiet Danger

October 13, 2012 Added by:Rafal Los

Besides all the obvious security vulnerabilities in your enterprise there is an even bigger problem lurking just below the water. At that intersection between critical system and security vulnerability is something many IT professionals acknowledge as the big pink elephant in the room - the "brittle system"...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »