|
McAfee false-positive glitch fells PCs worldwide
The Register - Security
When AV attacks
IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan attacked core system files, in some cases causing the machines to display the dreaded blue screen of death.
News: iPhone crashing bug could lead to serious exploit
SecurityFocus News
iPhone crashing bug could lead to serious exploit
>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your
Enterprise RP rollout gets an A+.
Well-honed Attacks Sneak Under the Radar
Computerworld Security News
None
Brief: Researcher aims to tweet Month of Bugs
SecurityFocus News
Researcher aims to tweet Month of Bugs
Kentucky payroll phishing scam nets small fortune
The Register - Security: Anti-Virus
Blue grass county hit by Trojan-fueled cybercrime
A gang of cybercrooks has made off with $415,000 from the coffers of Bullitt County, Kentucky following the conclusion of an elaborate phishing scam, The Washington Post reports.
Authorize.net down, (Fri, Jul 3rd)
SANS Internet Storm Center, InfoCON: green
The credit card payment gateway authorize.net is currently down ...(more)...
FCKEditor advisory, (Fri, Jul 3rd)
SANS Internet Storm Center, InfoCON: green
FCKeditor, a web based open source HTML text editor, suffers from a remote file upload vulnera ...(more)...
BCP/DRP, (Fri, Jul 3rd)
SANS Internet Storm Center, InfoCON: green
Question, what do Bing.com and Authorize ...(more)...
Happy 4th of July!, (Fri, Jul 3rd)
SANS Internet Storm Center, InfoCON: green
Celebrate, watch fireworks, but don't click on links in emails or surf to sites with Fourth of July, ...(more)...
RSA's Coviello: Cloud computing not secure enough
Network World on Security
Cloud-based services are being rolled out without enough attention being paid to securing these services and the information they handle. That was the finding of a recent study commissioned by RSA Security.
Suit over China's Web filter to target Lenovo, Acer, Sony
Network World on Security
A U.S. company will seek legal action against Lenovo, Acer and Sony next week over their shipment in China of controversial software that the company says stole its programming code.
Solaris: access to vntsd
Vigil@nce - public vulnerabilities
A local attacker can connect to vntsd in order to access to the console of a guest virtual system.
VUPEN - Drupal Multiple Cross Site Scripting and Security Bypass Vulnerabilities
VUPEN Security Advisories
Multiple vulnerabilities have been identified in Drupal, which could be exploited by attackers to disclose sensitive information or bypass security restrictions...
VUPEN - Drupal Advanced Forum Cross Site Scripting and Security Bypass Issues
VUPEN Security Advisories
Multiple vulnerabilities have been identified in Advanced Forum (module for Drupal), which could be exploited by attackers to disclose sensitive information or bypass security restrictions...
VUPEN - wxWidgets "wxImage::Create()" Function Integer Overflow Vulnerability
VUPEN Security Advisories
A vulnerability has been identified in wxWidgets, which could be exploited by attackers to compromise a vulnerable system...
VUPEN - Sun Solaris SNMP GETBULK Request Denial of Service Vulnerability
VUPEN Security Advisories
A vulnerability has been identified in Sun Solaris, which could be exploited by remote attackers to cause a denial of service...
VUPEN - Sun Lightweight Availability Collection Tool File Overwrite Vulnerability
VUPEN Security Advisories
A vulnerability has been identified in Sun Lightweight Availability Collection Tool, which could be exploited by local attackers to cause a denial of service...
VUPEN - Apache "mod_proxy" Reverse proxy Denial of Service Vulnerability
VUPEN Security Advisories
A vulnerability has been identified in Apache, which could be exploited by remote attackers to cause a denial of service...
VUPEN - IBM Tivoli Identity Manager Two Cross Site Scripting Vulnerabilities
VUPEN Security Advisories
Two vulnerabilities have been identified in IBM Tivoli Identity Manager, which could be exploited to conduct cross site scripting attacks...
Fedora 10 2009-3651: xorg-x11-xfs
Nessus.org Plugins
Synopsis :
The remote host is missing the patch for the advisory FEDORA-2009-3651 (xorg-x11-xfs)
Description :
X.Org X11 xfs font server
-
ChangeLog:
Update information :
Fedora 9 2009-3666: xorg-x11-xfs
Nessus.org Plugins
Synopsis :
The remote host is missing the patch for the advisory FEDORA-2009-3666 (xorg-x11-xfs)
Description :
X.Org X11 xfs font server
-
ChangeLog:
Update information :
FreeBSD : nfsen -- remote command execution (5143)
Nessus.org Plugins
Synopsis :
The remote host is missing a security update
Description :
The following package needs to be updated: nfsen
See also :
[GLSA-200907-01] libwmf: User-assisted execution of arbitrary code
Nessus.org Plugins
Synopsis :
The remote host is missing the GLSA-200907-01 security update.
Description :
The remote host is affected by the vulnerability described in GLSA-200907-01
(libwmf: User-assisted execution of arbitrary
[GLSA-200907-02] ModSecurity: Denial of Service
Nessus.org Plugins
Synopsis :
The remote host is missing the GLSA-200907-02 security update.
Description :
The remote host is affected by the vulnerability described in GLSA-200907-02
(ModSecurity: Denial of Service)
RHSA-2009-1138: openswan
Nessus.org Plugins
Synopsis :
The remote host is missing the patch for the advisory RHSA-2009-1138
Description :
Updated openswan packages that fix multiple security issues are now
available for Red Hat Enterprise Linux 5.
RHSA-2009-1139: finch
Nessus.org Plugins
Synopsis :
The remote host is missing the patch for the advisory RHSA-2009-1139
Description :
Updated pidgin packages that fix one security issue and one bug are now
available for Red Hat Enterprise Linux 4 a
RHSA-2009-1140: ruby
Nessus.org Plugins
Synopsis :
The remote host is missing the patch for the advisory RHSA-2009-1140
Description :
Updated ruby packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 4 and 5.
USN794-1 : libcompress-raw-zlib-perl, perl vulnerability
Nessus.org Plugins
Synopsis :
These remote packages are missing security patches :
- libcgi-fast-perl
- libcompress-raw-zlib-perl
- libperl-dev
- libperl5.10
- perl
- perl-base
- perl-debug
- perl-doc
USN795-1 : nagios2, nagios3 vulnerability
Nessus.org Plugins
Synopsis :
These remote packages are missing security patches :
- nagios2
- nagios2-common
- nagios2-dbg
- nagios2-doc
- nagios3
- nagios3-common
- nagios3-dbg
- nagios3-doc
Malware authors hit by recession too
Techworld.com Security News
Even crims feeling pinch says security company.
The recession might be having at least one positive effect - it has started cutting the volume of malware. Commercile spamfilters beter dan opensource
Security.NL nieuws
Commercile spamfilters presteren veel beter dan opensource alternatieven zoals SpamAssassin en ClamAV, zo blijkt uit onderzoek van VirusBulletin, dat naast virusscanners ook spamfilters test.
iPhone niet te hacken via SMS-bericht
Security.NL nieuws
Berichten in de media gisteren dat Apple iPhones via het sturen van een SMS-bericht zijn te hacken, zijn onjuist, aldus de onderzoeker die het beveiligingsprobleem ontdekte.
Apple iPhone 3GS Jailbreaking Tool Hits the Street
Security - RSS Feeds
The hacker who made the news in 2007 for unlocking Apple's first iPhone has released the a new application for jailbreaking the iPhone 3GS. The tool is currently available for Windows only. - George Hotz, the 19-year old hacker who made headlines
Symantec's Ramzan on solving the antivirus puzzle
CNET News.com - Security
q&a; From puzzles and chess to ciphers and antivirus software, Zulfikar Ramzan talks about how he got into the computer security business and where it's headed.
Ubuntu Security Notice - libcompress-raw-zlib-perl, perl vulnerability (USN-794-1)
Help Net Security - Advisories
===========================================================
Ubuntu Security Notice USN-794-1 July 02, 2009
libcompress-raw-zlib-perl, perl vulnerability
CVE-2009-1391
================...
Ubuntu Security Notice - nagios2, nagios3 vulnerability (USN-795-1)
Help Net Security - Advisories
===========================================================
Ubuntu Security Notice USN-795-1 July 02, 2009
nagios2, nagios3 vulnerability
CVE-2009-2288
===============================...
Gentoo Linux Security Advisory - libwmf: User-assisted execution of arbitrary code (GLSA 200907-01)
Help Net Security - Advisories
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200907-01
- - - - - - - - - - - - - - - - - - - - - - - - - - - ...
Gentoo Linux Security Advisory - ModSecurity: Denial of Service (GLSA 200907-02)
Help Net Security - Advisories
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 200907-02
- - - - - - - - - - - - - - - - - - - - - - - - - - - ...
SUSE Security Announcement - java-1_6_0-ibm (SUSE-SA:2009:036)
Help Net Security - Advisories
______________________________________________________________________________
SUSE Security Announcement
Package: java-1_6_0-ibm
Announce...
Solaris: bypassing nfs_portmon
Vigil@nce - public vulnerabilities
A NFSv4 client can bypass the nfs_portmon directive in order to connect to the server.
VUPEN - MP3-Nator Playlist File Processing Buffer Overflow Vulnerability
VUPEN Security Advisories
A vulnerability has been identified in MP3-Nator, which could be exploited by attackers to compromise a vulnerable system...
VUPEN - KerviNet Forum SQL Injection and Cross Site Scripting Vulnerabilities
VUPEN Security Advisories
Multiple vulnerabilities have been identified in KerviNet Forum, which could be exploited by attackers to manipulate or disclose certain data...
VUPEN - CMS Chainuk Multiple Code Injection and File Inclusion Vulnerabilities
VUPEN Security Advisories
Multiple vulnerabilities have been identified in CMS Chainuk, which could be exploited by attackers to manipulate or disclose certain data, or compromise a vulnerable web server...
Related-key Cryptanalysis of Full AES-192 and AES-256
Virus.Org - Computer Security news for the IT Security Professional.
New research develops an attack against AES-256 that is better than brute force.
MD6 bows out gracefully from SHA-3 Competition
Virus.Org - Computer Security news for the IT Security Professional.
MD6 Hash algorithm withdrawn from NIST SHA-3 competition due to concerns over strength of reduced rounds version.
Complex firewalls cost money says new report
Techworld.com Security News
Forensisch wapen tegen hackertool Metasploit
Security.NL nieuws
China maakt meeste malware
Security.NL nieuws
Veel computers kwetsbaar door Adobe-lek
Security.NL nieuws
Gumblar-virus besmet populaire webwinkel
Security.NL nieuws
Hackers crack ColdFusion
The Register - Security
A practical guide to disaster recovery planning
The Register - Security
Latin Best Buy surfers sprayed by drive-by download malware
The Register - Security
Symantec Releases Norton 2010 Betas
(PC Magazine)
Yahoo! News: Security News
You don't know tech: The InfoWorld news quiz
(InfoWorld)
Yahoo! News: Security News
Solaris: denial of service via UDP and TE
Vigil@nce - public vulnerabilities
VUPEN - SuSE Security Update Fixes IBM Java Code Execution Vulnerabilities
VUPEN Security Advisories
VUPEN - Gentoo Security Update Fixes libwmf Use-After-Free Vulnerability
VUPEN Security Advisories
VUPEN - Gentoo Security Update Fixes ModSecurity Denial of Service Issues
VUPEN Security Advisories
VUPEN - Ubuntu Security Update Fixes Libcompress-raw-zlib-perl Vulnerability
VUPEN Security Advisories
VUPEN - Ubuntu Security Update Fixes Nagios Command Injection Vulnerability
VUPEN Security Advisories
VUPEN - Redhat Security Update Fixes Openswan Denial of Service Vulnerabilities
VUPEN Security Advisories
VUPEN - Redhat Security Update Fixes Pidgin Denial of Service Vulnerability
VUPEN Security Advisories
VUPEN - Redhat Security Update Fixes Ruby Security Bypass and DoS Issues
VUPEN Security Advisories
VUPEN - AudioPLUS Playlist File Processing Buffer Overflow Vulnerability
VUPEN Security Advisories
Mozilla patches Firefox 3.5 ... already
Techworld.com Security News
The New Communication And Collaboration Revolution Is Coming And Is Called Google Wave
The Best Article Every day
Hackerconferentie HAR wil samenleving raken
Security.NL nieuws
"Overheid moet beveiliging PC's reguleren"
Security.NL nieuws
Google Update niet meer continu in achtergrond
Security.NL nieuws
MD6 teruggetrokken uit SHA-3 competitie
Security.NL nieuws
China not demolishing Green Dam
The Register - Security
Gamer embezzles virtual cash to settle real debts
The Register - Security
Apple may be exempt from China's Web filter mandate
Network World on Security
Conficker: Forgotten but not Gone
None
RSA's Coviello: Cloud computing not secure enough
Computerworld Security News
SMS flaw leaves iPhone vulnerable to attack
silicon.com :
RHEL 3: denial of service of net-snmp
Vigil@nce - public vulnerabilities
Month Of Twitter Bugs exposes micro-blogging flaws
The Register - Security
Michael Jackson spam turns into Michael Jackson worm
WatchGuard Wire
Text messages can pwn your iPhone
WatchGuard Wire
Apple patching serious SMS vulnerability on iPhone
Hack In The Box
Cell phones used to view patient records
Hack In The Box
The ins and outs of the extradition battle for Gary McKinnon
Hack In The Box
China has not given up Green Dam plan
Hack In The Box
UAE audit body sets up anti-fraud hotline
Hack In The Box
Password Recovery Questions Make Online Accounts Vulnerable
Hack In The Box
Judge tentatively acquits woman in MySpace case
Hack In The Box
Microsoft's Gazelle browser: A layperson's explanation
Hack In The Box
Psystar Emerges from Chapter 11, Launches New Mac Clone
Hack In The Box
|