Blog Posts Tagged with "Alert"
US Gas Pipeline Companies Under Major Cyber Attack
May 07, 2012 Added by:Headlines
“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."
Comments (0)
FBI Warns: GameOver
January 10, 2012 Added by:Kevin McAleavey
The significant part of the DDOS angle with the GameOver Zeus Trojan attack is that it serves as a diversion while the looting continues, and prevents access to mitigation with the bank until it's too late. That's what motivated the FBI to put out this alert...
Comments (0)
ICS-CERT Issues New SCADA Vulnerability Advisory
December 14, 2011 Added by:Headlines
Santamarta uncovered multiple hidden accounts with default passwords in the systems that could allow an attacker to remotely access the network, view and modify the module's firmware, execute arbitrary malicious code, or cause a denial of service interruption...
Comments (0)
ICS-CERT Warns Facilities of Exposure via SHODAN
December 12, 2011 Added by:Headlines
"The use of readily available and generally free search tools significantly reduces time and resources required to identify Internet facing control systems. In turn, hackers can use these tools to easily identify exposed control systems, posing an increased risk of attack..."
Comments (0)
Lockheed Warns Adobe of New Exploit in the Wild
December 07, 2011 Added by:Headlines
"This U3D memory corruption vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that the vulnerability is being actively exploited in the wild in limited, targeted attacks against Adobe Reader 9.x on Windows..."
Comments (0)
Is the Security Response System for SCADA-ICS Broken?
December 05, 2011 Added by:Headlines
"Publicly disclosing affected identity names and incident information is highly unusual and not part of ICS-CERT's normal incident reporting and triage procedures. In this particular case, because unconfirmed information had already been leaked to the public..."
Comments (0)
Affiliate Marketing Scam
November 21, 2011 Added by:Mark Baldwin
Just about every adult website has an affiliate program and it is not uncommon for scammers to look for ways to take advantage of these programs. I was recently informed by a large payment gateway operator of a scam that is currently in operation. Here is how it works...
Comments (1)
Last Call for Input on ISP Botnet Intervention Proposal
November 02, 2011 Added by:Headlines
“In our country, we always have this debate whether the government should take a stronger hand or whether market forces are enough. We've run out of time to have that conversation, at least on some level. We have to get something done..."
Comments (0)
Adobe Issues Patch for Flash Zero Day Vulnerability
September 22, 2011 Added by:Headlines
"One of these vulnerabilities is being exploited in the wild in active targeted attacks... This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website..."
Comments (0)
DHS: Natural Disasters Fostering Social Engineering
August 25, 2011 Added by:Headlines
The DHS's National Cybersecurity and Communications Integration Center (NCCIC) is warning that malicious users may seek to exploit interest related to physical events such as earthquakes and hurricanes by generating phishing emails with subject lines related to the incidents...
Comments (0)
CERT Warns of Iconics SCADA Software Vulnerability
May 13, 2011 Added by:Headlines
GenVersion.dll is a component used by the WebHMI interface. By passing a specially crafted string to the SetActiveXGUID method, it is possible to overflow a static buffer and execute arbitrary code with the privileges of the logged on user. Users could be lured to malicious sites...
Comments (1)
LastPass Password Manager Issues Security Alert
May 05, 2011 Added by:Headlines
To counter the potential threat, LastPass is going to force everyone to change their master passwords. Additionally, they're going to want an indication that you're you, by either ensuring that you're coming from an IP block you've used before or by validating your email address...
Comments (0)
Is Oracle Misleading Its Database Customers With CPUs?
April 27, 2011 Added by:Alexander Rothacker
Is Oracle misleading its database customers during its quarterly Critical Patch Updates (CPUs)? Unfortunately for its customers, Oracle has figured out a way to downplay the severity of its vulnerabilities and water down the Common Vulnerability Scoring System (CVSS) scoring...
Comments (0)
Adobe Issues Updates for Flash Zero Day Vulnerability
April 18, 2011 Added by:Headlines
Adobe has issued an update to counter the latest Flash player zero-day flaw which is similar to a vulnerability patched last month that was suspected of playing a critical role in the network breach of security vendor RSA, a division of EMC...
Comments (0)
Adobe Confirms Another Flash Player Zero Day Bug
April 12, 2011 Added by:Headlines
This vulnerability could allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash file embedded in a Microsoft Word file delivered as an email attachment...
Comments (0)
LizaMoon Malware Attack Continues to Spread Rapidly
April 04, 2011 Added by:Headlines
The mass-injection attack, which experts say is the largest of its kind ever seen, has managed to insert malicious code into websites by gaining access to the servers running the databases behind the Internet, according to the technology security company that discovered it...
Comments (0)
- Not Totally Sure What Just Happened...
- Has Anonymous Infiltrated the US Government?
- Big Opportunities in the Cloud
- Zeus Malware Targeting Facebook, Gmail and Yahoo Users
- Follow Up to the Out of Band Authentication Post
- Skype Malware Campaign Spreading Poison Ivy Trojan
- I Hope Edo is Worth the Privacy Risk
- Dutch MoD Innovation Competition 2012: CYBER Operations 2.0
- NIST Workshop: The Technical Aspects of Botnets
- Security Automation by Hand - Batch/Bash/FOR