Vulns & Alerts

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Siemens Tecnomatix FactoryLink ActiveX

January 05, 2012 Added by:Headlines

Researchers identified two vulnerabilities affecting ActiveX components in the Siemens Tecnomatix FactoryLink application, including buffer overflow and data corruption. Successful exploitation of the vulnerabilities could allow an attacker to perform denial of service and arbitrary code execution...

Comments  (0)

6d117b57d55f63febe392e40a478011f

Update: File Appears to Contain 2006 Norton AV Source Code

January 05, 2012 Added by:Anthony M. Freed

Infosec Island has been provided with a file that appears to contain source code for the 2006 version of Norton antivirus. We have provided Symantec with the file and are awaiting their analysis. We will not be releasing the file due to the sensitive nature of the information...

Comments  (6)

69dafe8b58066478aea48f3d0f384820

US CERT: Hash Table Collision Attack Vulnerability

January 04, 2012 Added by:Headlines

US-CERT is aware of reports stating that multiple programming language implementations, including web platforms, are vulnerable to hash table collision attacks. This vulnerability could be used by an attacker to launch a denial-of-service attack against websites using affected products...

Comments  (0)

924ce315203c17e05d9e04b59648a942

Fallout from the Christmas Hack of Stratfor

January 03, 2012 Added by:Richard Stiennon

The most painful lesson the Stratfor hack is about to demonstrate is the importance of email security. Anonymous will be recruiting volunteers to analyze the 3.3 million emails they stole that have the potential for real harm equal to the infamous WikiLeaks State Department leak...

Comments  (0)

296634767383f056e82787fcb3b94864

Was Stratfor Breached By an Insider?

January 03, 2012 Added by:Jeffrey Carr

I'm not accusing Michael Mooney of being involved. I am, however, stating that attacks by insiders who hold a grudge against their employer are common and Mooney's position along with the circumstances around his departure will certainly be explored by law enforcement...

Comments  (4)

0ff0a77035f9569943049ed3e980bb0d

Stratfor Hack Proves a Few Things

January 03, 2012 Added by:

How many more companies believe they can get by with half-baked security? Why are budgets being cut for information security by CIOs who just don’t get it? Why is it that organizations do business with other organizations without performing due diligence on the entity?

Comments  (0)

8a958994958cdf24f0dc051edfe29462

Cybersecurity in Today's World

December 31, 2011 Added by:Larry Karisny

Curt Massey spent a 35-year career protecting our national security. His military service, civilian law enforcement, corporate security and military contracting experiences have imbued him with the unpleasant knowledge of our core vulnerabilities and a visceral drive to build a team capable of finding answers...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

Secure Communications for CERTs and Stakeholders

December 29, 2011

ENISA seeks to identify the most suitable technology and platform to provide secure channels to improve communications with CERTs and other stakeholders. Secure transportation of information assures some combination of confidentiality, integrity and authenticity of the data...

Comments  (0)

Ba829a6cb97f554ffb0272cd3d6c18a7

Father Noel Delivers His Second Lump of "LulzXmas" to Stratfor

December 27, 2011 Added by:Kevin McAleavey

While many of us were nestled in our beds and enjoying Christmas day with family and friends, opening our gifts and downing the holiday grog, a nasty lump of coal was left once again under the tree for Stratfor by the LulzSec/Lulzboat crew...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Restaurant Depot Customers Alerted of Data Breach

December 12, 2011 Added by:Headlines

"Trustwave found that that the thieves inserted malicious software or 'malware' into the credit and debit card processing systems used in Restaurant Depot stores. The malware collected card information as it was processed, stored it temporarily, and then sent it to a computer server in Russia..."

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Santa Gets Hacked - Naughty List Leaked (video)

December 09, 2011

Breaking News (video): Networks at the North Pole have been breached by unidentified hackers leading to the disclosure of sensitive data - Santa's naughty list. Don’t worry – your secrets are safe! Included is a list of the things we really think are just that - a little bit naughty...

Comments  (3)

69dafe8b58066478aea48f3d0f384820

CERT Warns of Holiday Phishing and Malware Campaigns

December 06, 2011 Added by:Headlines

"US-CERT encourages users and administrators to use caution when encountering email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Is the Security Response System for SCADA-ICS Broken?

December 05, 2011 Added by:Headlines

"Publicly disclosing affected identity names and incident information is highly unusual and not part of ICS-CERT's normal incident reporting and triage procedures. In this particular case, because unconfirmed information had already been leaked to the public..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT Issues Illinois Water Pump Failure Report

November 24, 2011 Added by:Headlines

ICS-CERT and the FBI found no evidence of a cyber intrusion... In addition, there is no evidence to support claims made in the initial Illinois STIC report... that any credentials were stolen, or that the vendor was involved in any malicious activity that led to a pump failure...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Rethinking Sensitive Information - Social Security Numbers

November 05, 2011 Added by:Rafal Los

Public and private entities have proven that a single nine-digit number as the gateway to our identities is not appropriate. Data breaches and identity theft cost organizations billions - perhaps we need to push the government to come up with a new way of verifying citizenship?

Comments  (1)

A7290c5bd7bc2aaa7ea2b6c957ef639b

SEC Issues Guidance on Security Incident Disclosure

October 31, 2011 Added by:David Navetta

What the guidance document does stress, however, is process and risk assessment. One read of this guidance is that companies internally are going to have to more carefully forecast and estimate the impact of cyber incidents and the consequences of failing to implement adequate security...

Comments  (0)

Page « < 18 - 19 - 20 - 21 - 22 > »