Vulns & Alerts


Symantec: Too Many Doubts - Disable pcAnywhere Software

January 26, 2012 Added by: Pierluigi Paganini

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," Symantec said in the white paper...


Five Ways to Revamp Your Home-Based Business Security

January 26, 2012 Added by: Kelly Colgan

No matter how small your operation, or even if you only occasionally work from home, clients trust you to protect their data — and laws in 46 states require that you do so. Businesses must notify clients whose information is compromised, and notification can be costly...


US-CERT Warns of Denial-of-Service Malware Campaign

January 26, 2012 Added by: Headlines

US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...


pcAnywhere Source from 2006 Still Alive and Kicking

January 26, 2012 Added by: Keith Mendoza

Even if a complete software rewrite is done, it's not really a complete rewrite. Someone in the development team--usually the person who was working on the last version before the so-called rewrite--will copy parts of code from the old source code...


Shopper Trust and the Zappos Ordeal

January 23, 2012 Added by: Bill Mathews

Often merchants just sell your information outright to make revenue off the data they’ve collected. Usually this is reserved for more nefarious merchants, and sometimes it is done out of ignorance of their own policies. But make no mistake – it DOES happen...


ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

January 21, 2012 Added by: Headlines

Multiple vulnerabilities have been reported with proof-of-concept exploit code affecting Rockwell Automation FactoryTalk, a SCADA/HMI product. The vulnerability is exploitable by sending specially crafted packets to the server. This report was released by Luigi Auriemma...


ICS-CERT: Schneider Quantum Ethernet Module Vulnerability

January 20, 2012 Added by: Headlines

Researcher Rubén Santamarta previously announced hard-coded credentials in the Schneider Electric Quantum Ethernet Module. Exploitation of these vulnerabilities may allow an attacker to gain elevated privileges, load modified firmware, or perform malicious activities on the system...


ICS-CERT: General Electric D20ME PLC Vulnerability

January 20, 2012 Added by: Headlines

The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...


ICS-CERT: Certec EDV GmbH App DoS Vulnerability

January 19, 2012 Added by: Headlines

Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...


Symantec: What Went Wrong?

January 19, 2012 Added by: Bill Mathews

Where the rubber meets the road: I am a firm believer that security systems should be able to hold up to open scrutiny but often I’m alone in that. If this code leak really makes Symantec’s software useless for securing systems I would contend they’re doing it wrong...


ICS-CERT: Cogent DataHub Application Vulnerability

January 18, 2012 Added by: Headlines

A cross-site scripting vulnerability exists in the Cogent DataHub application because it lacks server-side validation of query string parameter values. Attacks require that a user visit a URL which injects client-side scripts into the server’s HTTP response...


Symantec: The Inconvenient Truth Behind the Data Breach

January 17, 2012 Added by: Pierluigi Paganini

Initially, Symantec spokesman Cris Paden said the hackers had stolen only the source code of Symantec Endpoint Protection 11.0 and Symantec AntiVirus 10.2, minimizing the seriousness of the breach. The situation has now changed dramatically...


2012 Has Delivered Her First Giant Data Breach

January 17, 2012 Added by: Josh Shaul

We consumers need to pressure business to change their practices and protect our information. By asking questions, we’ll force organizations to recognize the importance of effective security, and to either do it properly or lose customers to a competitor who will...


Symantec Hacked in 2006? Claim Raises More Questions

January 17, 2012 Added by: Headlines

Symantec now claims that the company's own networks were in fact breached back in 2006, leading to the loss of proprietary product data: "...an investigation into the matter had revealed that the company's networks had indeed been compromised"...


ICS-CERT: 7T IGSS Graphical SCADA System Vulnerability

January 17, 2012 Added by: Headlines

Researcher Kuang-Chun Hung of ICST has identified an unsafe search path vulnerability. Successful exploitation may allow an attacker using social engineering to execute arbitrary code and gain the same privileges as the user that is currently logged into the system...


T-Mobile: Hacktivism Strikes Again

January 16, 2012 Added by: Pierluigi Paganini

The technique is always the same: ridicule the opponents, show their inability to secure their networks, and express disagreement with the decisions and policies pursued by companies and government organizations...
