IT Security
It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better... [more]
It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better understand how knowledge of the subject. The bad guys are working hard to gain access to your network and/or computer, we need to work at keeping them out.
LinuxSecurity.com: Description ========== * CVE-2009-3384: Multiple security flaws (integer underflow, invalid pointer dereference, buffer underflow and a denial of service) were found in the way WebKit's FTP parser used to process remote FTP directory listings. If a remote FTP server issued a specially-crafted FTP command, it could lead to disclosure of sensitive information, denial of service (application crash) or, potentially to...
More perspectives...
From linuxsecurity.com
()
An anonymous reader writes "Researchers have found several security holes in popular Firefox extensions that have an estimated total of 30 million downloads from AMO (the Addons Mozilla community site). Three 0-days were also released. Mozilla doesn't have a security model for extensions and Firefox fully trusts the code of the extensions. There are no security boundaries between extensions and, to make things even worse, an extension can...
From rss.slashdot.org
()
- Firefox tops list for reported vulnerabilities in 2009 (techspot.com)
- Microsoft Security Updates November 2009 (ghacks.net)
Phil Muncaster, V3.co.uk, Thursday 19 November 2009 at 17:37:00 Users tricked into divulging banking details Security experts warned today that the Verified by Visa online authentication scheme has become the latest lure used by phishers hoping to harvest personal information from unsuspecting shoppers....
More perspectives...
From vnunet.com
()
CentOS has updated libvorbis (C5:
arbitrary code execution), wget (C5:
certificate spoofing), and httpd (C5:
multiple vulnerabilities).
Fedora has updated qt (F10,
F11, F12:
multiple vulnerabilities), java-1.6.0-openjdk (F10, F11, F12: multiple vulnerabilities), and asterisk (F11: access control violation).
Mandriva has updated xine-lib (Corporate 3.0, 2009.0: multiple vulnerabilities), FFmpeg (multiple vulnerabilities), apache-conf...
From lwn.net
()
- Security updates for Wednesday (lwn.net)
- Security advisories for Friday (lwn.net)
- Thursday Security Updates (lwn.net)
Jack Spine writes "VeriSign has said that the main obstacle to DNSSEC implementation has been technical delays. The large size of the .com and .net domains would have made it impractical to deploy earlier versions of DNSSEC, according to VeriSign vice president of naming services Pat Kane. Deployment of DNSSEC will close a major security flaw in the DNS, the internet's equivalent to a telephone directory. The problem of DNS cache poisoning was...
From rss.slashdot.org
()
- DNSSEC Implementation Held Up By Tech Delays (rss.slashdot.org)
Badly configured cable modems cause headaches for security experts.Security experts say that misconfigured DSL and cable modems are worsening a well-known DNS problem making it easier for hackers to launch distributed denial-of-service (DDoS) attacks against their victims.
From techworld.com
()
- DNS problem linked to DDoS attacks gets worse (linuxsecurity.com)
- DNS Problem Linked To DDoS Attacks Gets Worse (rss.slashdot.org)
- Consumer Modems Worsening DNS Problem Linked to DDoS Attacks (circleid.com)
Microsoft released six security bulletins addressing a total of 15 vulnerabilities. Four affect Windows and Windows Server and two affect Microsoft Office products (Excel and Word). Only one of the three vulnerabilities (CVE-2009-2514) is critical. That vulnerability only affects Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 (it does not affect Windows Vista or Windows Server 2008 so if you are using either of these...
More perspectives...
From feedburner.com
()



