Vulns & Alerts

03b2ceb73723f8b53cd533e4fba898ee

VeriSign Hacked - But Why?

February 03, 2012 Added by:Pierluigi Paganini

The impairment of these mechanisms could lead to the redirection of traffic to bogus sites with serious consequences - and not just that - the compromise of the Digital Certificate model itself raises the risk for the interception of emails and confidential documents...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Data Loss Doesn’t Always Mean Getting Hacked

February 03, 2012 Added by:Robert Siciliano

Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Apple Releases Multiple OS X Lion Security Updates

February 03, 2012 Added by:Headlines

Apple has released security updates for Apple OS X Lion 10.7 to 10.7.2, OS X Lion Server 10.7 to 10.7.2, Mac OS 10.6.8, and Mac OS X Server v 10.6.8 to address multiple vulnerabilities that may allow an attacker to execute arbitrary code, a denial-of-service, and bypass security...

Comments  (0)

296634767383f056e82787fcb3b94864

Did Symantec's 2006 Breach Impact These High Risk Customers?

February 01, 2012 Added by:Jeffrey Carr

As the world's largest vendor of security software, the breach puts all of its corporate and government customers at risk, because if Symantec didn't know the extent of its breach back then, how do Symantec's customers know that their current product line is safe to use?

Comments  (0)

595640009b9ff10ec4d781330e3a9a40

Why Infosec Forced Me to Get an MBA

January 31, 2012 Added by:Don Turnblade

How much did restoring, repairing, reimaging, improved firewall rules, down time, legal fines, or direct fraud cost per event? Asking what it is may be too close to that great low pressure system, and you do not need to be struck by lightning. I won't ask and you won't tell...

Comments  (0)

58bc13ef5da5ac4fc32d41c3fbc0e460

Leaking Vault Update: Records Breached Figure Passes One Billion

January 31, 2012 Added by:Suzanne Widup

Although 2007 and 2008 grew the most in terms of additional incidents being disclosed, 2008 showed the highest number of additional records, with almost 95 million. Though 2011 is not the highest in terms of incidents, it is now the leader for records disclosed thus far...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

Symantec: Too Many Doubts - Disable pcAnywhere Software

January 26, 2012 Added by:Pierluigi Paganini

"At this time, Symantec recommends disabling the product until Symantec releases a final set of software updates that resolve currently known vulnerability risks," Symantec said in the white paper...

Comments  (4)

F29746c6cb299c1755e4087e6126a816

Five Ways to Revamp Your Home-Based Business Security

January 26, 2012 Added by:Kelly Colgan

No matter how small your operation, or even if you only occasionally work from home, clients trust you to protect their data — and laws in 46 states requires that you do so. Businesses must notify clients whose information is compromised, and notification can be costly...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

US-CERT Warns of Denial-of-Service Malware Campaign

January 26, 2012 Added by:Headlines

US-CERT has received reports of attacks using malware-laden email attachments. The advisory comes one week after multiple DDoS attacks were launched against entertainment industry and US government websites by Anonymous supporters in an operation dubbed OpMegaupload...

Comments  (0)

Af9c34417f8e5e0d240850bb353b5d40

pcAnywhere Source from 2006 Still Alive and Kicking

January 26, 2012 Added by:Keith Mendoza

Even if a complete software rewrite is done, it's not really a complete rewrite. Someone in the development team--usually the person who was working on the last version before the so-called rewrite--will copy parts of code from the old source code...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

Shopper Trust and the Zappos Ordeal

January 23, 2012 Added by:Bill Mathews

Often merchants just sell your information outright to make revenue off the data they’ve collected. Usually this is reserved for more nefarious merchants, and sometimes it is done out of ignorance of their own policies. But make no mistake – it DOES happen...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Rockwell Automation FactoryTalk Vulnerability

January 21, 2012 Added by:Headlines

Multiple vulnerabilities have been with proof-of-concept exploit code affecting Rockwell Automation FactoryTalk, a SCADA/HMI product. The vulnerability is exploitable by sending specially crafted packets to the server. This report was released by Luigi Auriemma...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Schneider Quantum Ethernet Module Vulnerability

January 20, 2012 Added by:Headlines

Researcher Rubén Santamarta previously announced hard-coded credentials in the Schneider Electric Quantum Ethernet Module.Exploitation of these vulnerabilities may allow an attacker to gain elevated privileges, load modified firmware, or perform malicious activities on the system...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: General Electric D20ME PLC Vulnerability

January 20, 2012 Added by:Headlines

The GE D20ME PLC vulnerability is exploitable by utilizing TFTP connections to the controller. The report is based on information presented by Reid Wightman during Digital Bond’s SCADA Security Scientific Symposium without coordination with the vendor or ICS-CERT...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT: Certec EDV GmbH App DoS Vulnerability

January 19, 2012 Added by:Headlines

Independent researcher Luigi Auriemma has identified a denial of service (DoS) vulnerability in Certec EDV GmbH atvise application. Certec has produced an update that resolves this vulnerability. Mr. Auriemma validated that the update resolves the vulnerability...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

Symantec: What Went Wrong?

January 19, 2012 Added by:Bill Mathews

Where the rubber meets the road: I am a firm believer that security systems should be able to hold up to open scrutiny but often I’m alone in that. If this code leak really makes Symantec’s software useless for securing systems I would contend they’re doing it wrong...

Comments  (4)

Page « < 18 - 19 - 20 - 21 - 22 > »