From daniweb.com
()
IT Security
It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better... [more]
It Security need to be address by today organizations. This should start from the top down but in most cases IT Security start from the bottom and in most cases never reach the top. The blog on IT Security are to help everyone better understand how knowledge of the subject. The bad guys are working hard to gain access to your network and/or computer, we need to work at keeping them out.
Articles
Sort: Date
First of all unhide all the programs. if u have a broad band or dial up connection jst get off the Ethernet connection.then restart the computer and press F7.you got in safe mode and run the computer with network there you search where the unauthorized folder are there or not if then just delete...
More perspectives...
The The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory: Multiple Cisco WebEx WRF Player Vulnerabilities.
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user.
The Cisco WebEx WRF Player is an application...
More perspectives...
From planetsysadmin.com
()
McAfee® AntiVirus Plus software, now available with revolutionary Active Protection technology, offers essential PC security with accelerated performance and helps keeps you safe online from viruses, spyware and hackers.
More perspectives...
From zerodaydeals.com
()
Fedora has updated slim (F11,
F12: X session hijacking), NetworkManager (F11: multiple
vulnerabilities), automake (F12: arbitrary
code execution), stardict (F12:
information
disclosure), and cacti (F12: multiple
cross-site scripting vulnerabilities).
Gentoo has updated ntp (denial of
service) and adobe-flash (multiple
vulnerabilities).
Red Hat has updated PyXML
(application crash) and gd (arbitrary code
execution).
Ubuntu has updated...
More perspectives...
From lwn.net
()
Those of you using PowerDNS Recursor 3.1.7.1 or earlier will want to
upgrade to 3.1.7.2 quickly. "The two major vulnerabilities can lead
to a FULL SYSTEM COMPROMISE, as well as cache poisoning, connecting your
users to possibly malicious IP addresses." Distributor updates are
on their way, but the advisory notes that Ubuntu will not be shipping an
update, so Ubuntu users will need to do the upgrade manually.
More perspectives...
From lwn.net
()
Security provider Symantec is struggling to correct a flaw with its Symantec Endpoint Protection Manager. Signature updates with 2010 dates are not being recognized, causing Symantec some grief this new year.Symantec Network Access Control products might also be affected, but the company is working around the clock to correct the (50 words)
More perspectives...
From feedburner.com
()
LinuxSecurity.com: =3D=3D=3D=3D=3D=3D=3D=3D
Multiple vulnerabilities in Adobe Flash Player might allow remote
attackers to execute arbitrary code or cause a Denial of Service.
More perspectives...
From linuxsecurity.com
()
Over the last two weeks of Security Levity, we've looked at how DNS blocklists (DNSBLs) evolved from the spam filtering equivalent of primordial ooze, and how they became reputation services. This week I want to look at where we're going: what's the future for sender reputation?(If you missed any earlier posts in this series, here's part 1 and here's part 2.)
read more
More perspectives...
From blogs.computerworld.com
()
LinuxSecurity.com: Multiple vulnerabilities were found in wireshark, which can be exploited by malicious people to possibly execute arbitrary code.
More perspectives...
From linuxsecurity.com
()
Phishers represent over 57% of all web-based threats in December....
Network Box stats show over half of all web-based threats in December were phishing attacks
According to information posted on their website:
The number of phishing attacks rose dramatically in the run up to Christmas, according to managed security firm, Network Box. Analysis of internet threats in December 2009 show that just over 57 per cent of all threats were...
More perspectives...
From pindebit.blogspot.com
()
Symantec Security Check is a web-based scan that combines two features: a Security Scan and Virus Detection.
To use it, you will be asked to download some components and add-ons (ActiveX among ot...
More perspectives...
From feedburner.com
()
Boca Raton, FL – Blue Penguin Software is excited to announce that its antispyware software SpyZooka is able to remove the fraudulent antispyware program Eco AntiVirus from infected systems. SpyZooka ...
More perspectives...
From webwire.com
()
LinuxSecurity.com: An update for the MIT's Kerberos 5 implementation fixes a null-pointer dereference vulnerability that allows attackers to remotely crash the Key Distribution Center (KDC). According to an advisory by the MIT, sending a specially crafted client request to the KDC is all that is required to exploit the vulnerability.
More perspectives...
From linuxsecurity.com
()
CLEARWATER, Fla., Jan. 4 /PRNewswire/ -- Sunbelt Software, a leading provider of Windows security software, today announced the top 10 most prevalent malware threats for the month of December 2009. The report, compiled from monthly scans performed by Sunbelt's award-winning anti-malware solution, VIPRE® Antivirus + Antispyware, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs(TM).
More perspectives...
From rss.prnewswire.com
()
Quick Heal AntiVirus Plus 2009 10.00 SP1 and Quick Heal Total Security 2009 10.00 SP1 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs, as demonstrated by replacing quhlpsvc.exe.
More perspectives...
From nvd.nist.gov
()
Before you read this story, allow me to clarify. Not all two factor authentication is being defeated. That is why I place the "some" word in the title. Two factor authentication is "loosely" defined as something you HAVE and something you KNOW. Does that mean that "having" a username and knowing a "password" constitutes 2FA? Does "having" a social security number" and knowing what town you were born in constitute 2FA? I don't consider...
More perspectives...
From pindebit.blogspot.com
()
Nir Goldshlager, a security researcher and penetration tester, discovered some XSS vulnerabilities in Twitter and Google Calendar that can be exploited by attackers to steal cookies and session IDs - ...
More perspectives...
From feedburner.com
()
Now that Microsoft (NASDAQ:MSFT) has tightened the security of Windows and its Office software, miscreants are using other software such as Adobe (NASDAQ:ADBE) Acrobat to hack into systems. McAfee (NYSE:MFE) also predicts more sophisticated social networking attacks and targeting of HTML 5
More perspectives...
From itworldcanada.com
()
Hewlett-Packard has issued a number of patches for a component in its OpenView software package. The company advises administrators to apply the patches immediately, given the severity of the vulnerabilities. The HP OpenView Network Node Manager (OV NNM) has 12 buffer overflow vulnerabilities that an attacker could exploit to execute arbitrary code and even gain system control.
More perspectives...
From infoworld.com
()
One-time passwords and phone authentication no longer enoughSecurity measures such as one-time passwords and phone-based user authentication are no longer enough to protect online banking transactions against fraud, according to a new report from Gartner.
More perspectives...
From techworld.com
()
CentOS has updated C5: bind (DNS
cache poisoning), C5: dstat (arbitrary code
execution), C5: xerces-j2 (denial of
service), C5: kernel (multiple
vulnerabilities), C5: acpid (privilege
escalation), C5: kvm (host denial of
service), C5: firefox (multiple
vulnerabilities), C4: kernel (multiple
vulnerabilities), C4: seamonkey (multiple
vulnerabilities), C4: xpdf (buffer
overflow), C4: gpdf (buffer overflow), C4: kdegraphics (buffer overflow...
More perspectives...
From lwn.net
()
Filed under: Other issues, Rumors, Citigroup Inc. (C)The Wall Street Journal (subscription required) reports that the FBI is looking into a potential computer-security breach that resulted in the theft of tens of millions of dollars from Citibank by computer hackers.
These hackers appear to be linked to a Russian cyber gang who targeted Citigroup's (C) Citibank subsidiary, including its North American retail bank and other businesses. This...
More perspectives...
From bloggingstocks.com
()
A "critical" security vulnerability has been discovered in all versions of Reader and Acrobat, says Adobe. While the company is not providing many details, it does note that hackers can use the flaw to force a crash, and potentially assume control of an affected system. Unlike many such vulnerabilities, the new one is described as being present in the wild, and not just theoretical....
More perspectives...
From macnn.com
()
Palm sued over Pre GPL violation. The lawsuit alleges copyright violation.
Is Google Public DNS safe? Look at the source ports. A look at Google's DNS play and security.
In mobile, do developers or consumers matter most? Picking the right group to pay attention to matters. Or does it?
On maintaining MySQL databases. A primer for administrators.
Related Activities Comments (0) Post a Comment Ask a Question Related Software MySQL (14...
More perspectives...
From feedburner.com
()
Security measures such as one-time passwords and phone-based user authentication, considered among the most robust forms of security, are no longer enough to protect online banking transactions against fraud, a new report from research firm Gartner Inc. warns.
More perspectives...
From computerworld.com
()
Google Public DNS "is a free, global Domain Name System (DNS) resolution service, that you can use as an alternative to your current DNS provider," Google announced, and says that in order to give it a try you need to configure your settings to use the IPs "8.8.8.8 and 8.8.4.4 as your DNS servers". Supposed improvements are speedier browsing and better security.
Zim in the forum comments, "And now the big brother knows not only what you...
More perspectives...
From blogoscoped.com
()
Jack Spine writes "VeriSign has said that the main obstacle to DNSSEC implementation has been technical delays. The large size of the .com and .net domains would have made it impractical to deploy earlier versions of DNSSEC, according to VeriSign vice president of naming services Pat Kane. Deployment of DNSSEC will close a major security flaw in the DNS, the internet's equivalent to a telephone directory. The problem of DNS cache poisoning was...
More perspectives...
From rss.slashdot.org
()
The German government is planning to establish a malware cleanup helpline for its citizens. Announced last week at the fourth German IT summit in Stuttgart, the project is due to start in 2010. Internet Service Providers (ISPs) will team up with the German Federal Office for Information Security (BSI) as well as eco (Association of the German Internet Industry) to clean consumer systems from botnet infestation. ISPs...
More perspectives...
From arstechnica.com
()
A security researcher has uncovered vulnerabilities in Twitter and Google Calendar that could put users at risk.
In a proof of concept, researcher Nir Goldshlager demonstrated cross-site scripting (XSS) vulnerabilities in Google Calendar and Twitter that he said could be used to steal cookies and session IDs. He also uncovered an HTML injection issue affecting Google Calendar as well that he said could be used to redirect a victim to an...
More perspectives...
From hackinthebox.org
()
Debian has updated libtool
(privilege escalation).
Fedora has updated viewvc (F12, F11:
multiple vulnerabilities).
Mandriva has updated apache-mod_auth_mysql (SQL injection), imap (multiple vulnerabilities), acl (symlink attack).
More perspectives...
From lwn.net
()
CyberDefender Corporation (OTCBB: CYDE : http://cts.businesswire.com/ct/CT?id=smartlink&url=http%3A%2F%2Ffinance.yahoo.com%2Fq%3Fs%3Dcyde.ob%26d%3Dt&esheet=6127487&lan=en_US&anchor=CYDE&index=1&md5=efbf76e9fc1bf61476dc3f7e78d77968 ), an award-winning provider of PC security, Antispyware/ Antivirus Software : http://cts.businesswire.com/ct/CT?id=smartlink&url=http%3A%2F%2Fwww.cyberdefender.com%2F&esheet=6127487&lan=en_US&anchor=Antivirus...
More perspectives...
From pr-inside.com
()
LinuxSecurity.com:
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary
code via unknown vectors (CVE-2009-3979).
Multiple unspecified vulnerabilities in the...
More perspectives...
From linuxsecurity.com
()
Phil Muncaster, V3.co.uk, Wednesday 30 December 2009 at 15:29:00 Network Box stats show over half of all web-based threats this month were phishing attacks Phishing attacks soared in December as cyber criminals looked to capitalise on the higher number of online shoppers in the run up to Christmas, according to new research from managed...
More perspectives...
From vnunet.com
()
Adobe will be top target for hackers in 2010, report says: Via Computerworld Security News.
Adobe Systems' Flash and Acrobat Reader products will become the preferred targets for criminal hackers in 2010, surpassing Microsoft Office applications, a security vendor predicted this week.
"Cybercriminals have long picked on Microsoft products due to their popularity. In 2010, we anticipate Adobe software, especially Acrobat Reader and Flash, will...
More perspectives...
From privacydigest.com
()
Whitelisting puts users at risk claims security companyMicrosoft's recommendations that users exclude some file extensions and folders from antivirus scans, may put users at risk, according to a rival security company.
More perspectives...
From techworld.com
()
LinuxSecurity.com:
Multiple vulnerabilities has been found and corrected in dstat:
Multiple untrusted search path vulnerabilities in dstat before 0.7.0
allow local users to gain privileges via a Trojan horse Python module
in (1) the current working directory or (2) a certain subdirectory
of the current working directory (CVE-2009-3894, CVE-2009-4081).
This update provides a solution to these vulnerabilities.
More perspectives...
From linuxsecurity.com
()
For some reason I was looking for hackers to do some legal ethical hacking jobs.Someone recommended me this site www.rent-a-hacker.co.uk they are hardcore hackers and I have heard good things about them,but the question is; how safe is to hire hackers?They will know everything about the network...
More perspectives...
From daniweb.com
()
Debian has updated php-net-ping
(arbitrary code execution) and webkit
(multiple vulnerabilities).
Slackware has updated gimp (two
arbitrary code execution vulnerabilities).
SUSE has updated kernel (multiple
vulnerabilities).
Also, of note is a PostgreSQL security
update, which fixes two CVEs, one of which (SSL certificates with NULL
bytes) is remotely exploitable depending on the server configuration.
More perspectives...
From lwn.net
()
Debian has updated unbound
(cryptographic implementation allowing possible cache poisoning) and aria2 (arbitrary code execution).
Fedora has updated cacti (F11:
multiple cross-site scripting vulnerabilities) and proftpd (F11, F12:
man-in-the-middle/SSL injection).
Mandriva has updated jpgraph
(multiple cross-site scripting vulnerabilities), dstat (privilege escalation), acpid (Corporate 4.0, 2008.0, 2009.0, 2009.1, 2010.0, Enterprise...
More perspectives...
From lwn.net
()
LinuxSecurity.com:
A vulnerability has been found and corrected in mod_auth_mysql:
SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql
(aka libapache2-mod-auth-mysql) module for the Apache HTTP Server
2.x allows remote attackers to execute arbitrary SQL commands via
multibyte character encodings for unspecified input (CVE-2008-2384).
This update provides fixes for this vulnerability.
Update:
Packages for 2008.0 are...
More perspectives...
From linuxsecurity.com
()
All networks have vulnerabilities, but how do you find them? By using networkd vulnerability assessment (NVA) tools to look at every IP address on your network and test the service or device using that address. Even more important, you need assessment tools that work from the outside in, so you can test your network the way the hackers will. By using regular assessments, you can shut all the openings in your network before the hackers find...
More perspectives...
From hackinthebox.org
()
CentOS has updated ntp (C3:
multiple vulnerabilities, C4: denial of
service) and libtool (C3, C4: arbitrary code execution).
Debian has updated ntp (denial of
service).
Mandriva has updated mod_perl
(2008.0: cross-site scripting), xchat
(2008.0: arbitrary code execution), dia
(2008.0: arbitrary
code execution), blender (2008.0: arbitrary
code execution), amarok (2008.0: multiple
vulnerabilities), python-django (2008.0:
multiple...
More perspectives...
From lwn.net
()
Anti-malware testing group AV-Comparatives.org not only gave Microsoft Security Essentials a top rating for malware removal, but now they've given it their best ranking in their performance test as well. AV-Comparatives.org ran a series of real-world tests running through common scenarios like downloading, extracting, copying, and encoding files, installing and launching applications, and they also ran through an automated testing suite as...
More perspectives...
From lifehacker.com
()
Nothing stays safe forever, at least not in the world of information technology and digital communication. Hackers are able to break into sophisticated bank security systems and steal money. Talented coders recently shut down services like Twitter and hackers from North Korea menaced some US government websites.
Sometimes hackers work just for fun but many do [...]
More perspectives...
From 247wallst.com
()
Adobe has issued a security warning for Acrobat Reader 9.2 and Acrobat Pro 9.2. From Adobe's security bulletin:
Adobe has confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild. Adobe recommends customers follow the mitigation...
More perspectives...
From z.about.com
()
If you use a social network or Adobe Reader products, beware in 2010. Security researchers say these vehicles will see more malicious attacks from hackers in the months ahead.
On Monday, McAfee Labs released its 2010 Threat Predictions report to outline the tech threats enterprises and consumers should be wary of. Social networking and Adobe products are in the spotlight, along with banking Trojans, botnets and HTML 5.
"Sites such as Twitter...
More perspectives...
From crm-daily.com
()
Hewlett-Packard Co. has issued a number of patches for a component in its OpenView software package. The company advises administrators to apply the patches immediately, given the severity of the vulnerabilities. The HP OpenView Network Node Manager (OV NNM) has 12 buffer overflow vulnerabilities that an attacker could exploit to execute arbitrary code and even gain system control.
"The technical characteristics of these vulnerabilities...
More perspectives...
From hackinthebox.org
()
nandemoari writes "When security officials decide to "go after" computer malware, most conduct their actions from a defensive standpoint. For most of us, finding a way to rid a computer of the malware suffices — but for one computer researcher, however, the change from a defensive to an offensive mentality is what ended the two year chase of a sinister botnet once and for all. For two years, Atif Mushtaq had been keeping the notorious Mega-D...
More perspectives...
From rss.slashdot.org
()
LinuxSecurity.com:
Multiple vulnerabilities has been found and corrected in mono:
IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class
in Mono 1.2.5.1 and previous versions, which allows arbitrary code
execution by context-dependent attackers (CVE-2007-5197).
Multiple cross-site scripting (XSS) vulnerabilities in the ASP.net
class libraries in Mono 2.0 and earlier allow remote attackers to
inject arbitrary web script or HTML...
More perspectives...
From linuxsecurity.com
()
LinuxSecurity.com: Multiple vulnerabilities were fixed in PHP, which can be exploited by malicious people to potentially (1) conduct cross site scripting (XSS) attacks (2) interrupt corruption of the SESSION superglobal array and (3) the session.save_path directive
More perspectives...
From linuxsecurity.com
()
Debian has updated ganeti (remote
command execution) and
acpid (information disclosure).
Fedora has updated
libtool (F11: code execution),
asterisk (F11, F12: denial of service), and
mysql (F11, F12: symlink vulnerability).
Mandriva has updated proftpd
(man-in-the-middle vulnerability),
firefox 3.5 (multiple vulnerabilities), and
firefox 3.0 (multiple vulnerabilities).
Red Hat has updated condor (RHEL4
MRG,
RHEL5 MRG: privilege...
More perspectives...
From lwn.net
()
DENVER, Dec. 15 /PRNewswire/ -- Secure64 Software Corporation has added a new product to its award-winning suite of DNS security products: Secure64 DNS Cache, a high-performing DNS caching solution that offers the greatest protection against cache poisoning attacks. Secure64 DNS Cache starts at $29,995 and is available immediately from Secure64.
More perspectives...
From rss.prnewswire.com
()
Anti-virus software runs a fine line between offering good protection and having a noticeable performance hit on your system. Security vendors are always trying to improve the performance of their security suites while keeping detection and prevention rates as close to 100% as possible.
Microsoft is fighting a double battle offering both a free anti-virus [...]
More perspectives...
From geek.com
()
Dennis Fisher of Thread Post reports: "The malware writers and criminals who run botnets for years have been using shared hosting platforms and so-called bulletproof hosting providers as bases of operations for their online crimes. But, as law enforcement agencies and security experts have moved to take these providers offline, the criminals have taken the next step and begun setting up their own virtual data centers."
Follow CircleID on...
More perspectives...
From circleid.com
()
It's been a year since Symantec's acquisition of MessageLabs. In an interview with eWEEK, former MessageLabs CEO Adrian Chamberlain, now head of Symantec's software-as-a-service business, discusses the security company's plans for the SAAS space in the coming year and drops some hints on where Symantec may be headed. - One of the underlying trends in security of late has been
the adoption
of cloud-based services. On the acquisition front...
More perspectives...
From eweek.com
()
CentOS has updated expat (C3,
C4: buffer overflows).
Debian has updated shibboleth-sp
(cross-site scripting).
Mandriva has updated subversion
(several vulnerabilities), ruby (several
vulnerabilities), mysql (multiple
vulnerabilities), cups (multiple
vulnerabilities), postgresql8.2 (multiple
vulnerabilities), clamav (multiple
vulnerabilities), openexr (several
vulnerabilities), irssi (off-by-one error),
eggdrop (remote denial of service...
More perspectives...
From lwn.net
()
CentOS has updated kdelibs (C4:
arbitrary code execution).
Debian has updated libvorbis
(arbitrary code execution).
Fedora has updated php-pear-Net-Ping (F10, F11, F12: arbitrary code execution) and
php-pear-Net-Traceroute (F10, F11, F12:
arbitrary code execution).
Gentoo has updated uw-imap (multiple
vulnerabilities), dstat (arbitrary code
execution), and wireshark (multiple
vulnerabilities).
Red Hat has updated kdelibs (RHEL 4...
More perspectives...
From lwn.net
()
LinuxSecurity.com:
A vulnerability was discovered and corrected in acl:
The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when
running in recursive (-R) mode, follow symbolic links even when the
--physical (aka -P) or -L option is specified, which might allow
local users to modify the ACL for arbitrary files or directories via
a symlink attack (CVE-2009-4411).
This update provides a fix for this vulnerability.
More perspectives...
From linuxsecurity.com
()
This month 6 is the lucky number again. We have 6 updates this month. Please see details of these below. Bulletin ID Bulletin Title Max Severity Rating Vulnerability Impact Restart Requirement Affected Software MS09-069 Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service Important Denial of Service Requires...
More perspectives...
From blogs.technet.com
()
LinuxSecurity.com:
A vulnerability has been found and corrected in acpid:
acpid 1.0.4 sets an unrestrictive umask, which might allow local users
to leverage weak permissions on /var/log/acpid, and obtain sensitive
information by reading this file or cause a denial of service by
overwriting this file, a different vulnerability than CVE-2009-4033
(CVE-2009-4235).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
This...
More perspectives...
From linuxsecurity.com
()
Microsofts kostenlose Antivirus-Software Security Essentials hat in einem Benchmark-Test von AV-Comparatives besser abgeschnitten, als die kostenlosen Sicherheitsprodukte von anderen Herstellern. Microsoft ... (Weiter lesen)Verwandter InhaltWindows 7: Probleme mit großen SATA-FestplattenAstronaut sein: NASA arbeitet an Online-RollenspielApple-Boss Jobs erhält Jahresgehalt von 1 US-Dollar
More perspectives...
From static.winfuture.de
()
Debian has updated cacti (multiple
vulnerabilities, some from 2007) and
network-manager-applet (information
disclosure).
Fedora has updated merkaartor (F11,
F12: symbolic link vulnerability).
Red Hat has updated seamonkey
(multiple vulnerabilities),
firefox (multiple vulnerabilities), and
gpdf (buffer overflow).
More perspectives...
From lwn.net
()
Adobe has confirmed a critical vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions that could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild. Adobe recommends customers follow the mitigation guidance below ...
(Read on Source)
More perspectives...
From megite.com
()
Yesterday, Google launched its new Public DNS service. Among the benefits that Google is claiming for the new service is that it helps to secure DNS for users.
Is that an accurate claim?
One of the big issues that security researcher Dan Kaminsky disclosed about DNS insecurity in 2008 was that DNS request information isn't quite as random as it should be. The way DNS works is that each DNS request is supposed to carry with it a random...
More perspectives...
From hackinthebox.org
()
One-time passwords and phone authentication no longer enoughSecurity measures such as one-time passwords and phone-based user authentication are no longer enough to protect online banking transactions against fraud, according to a new report from Gartner.
More perspectives...
From computerworlduk.com
()
From the 'Mission Accomplished?' files: For more than a year now I've heard lots of people in the Internet industry proclaiming DNSSEC (DNS Security Extensions) as the long-term solution to DNS cache poisoning vulnerabilities. That may not necessarily be the case. A new vulnerability is now out that attacks DNS servers WITH DNSSSEC installed. In the summer of 2008, security researcher Dan Kaminsky made the whole world aware of potential...
More perspectives...
From freerepublic.com
()
Adobe Reader and Adobe Acrobat have been hit with yet another zero day vulnerability that is affecting all versions of both programs up to Adobe Reader and Adobe Acrobat 9.2. The vulnerability has been disclosed to the public by Adobe’s Security Response team who wrote in their blog that they “are currently investigating this issue [...]
More perspectives...
From ghacks.net
()
Google has implemented security features in Google Public DNS to help prevent DNS cache poisoning and denial of service attacks. But while some applaud Google's approach, others - including OpenDNS - say Google is not breaking new ground. - Much has been made about how Google Public DNS will improve the speed of the Web. But what about security?
According to some, Google is on the right track - though others say the company is not...
More perspectives...
From eweek.com
()
LinuxSecurity.com:
David Ford discovered that the IPv4 defragmentation routine did not
correctly handle oversized packets. A remote attacker could send
specially crafted traffic that would cause a system to crash, leading
to a denial of service. (The fix was included in the earlier kernels
from USN-864-1.) (CVE-2009-1298)
Akira Fujita discovered that the Ext4 "move extents" ioctl did not
correctly check permissions. A local attacker could...
More perspectives...
From linuxsecurity.com
()
I'm interrupting my scheduled series on reputation to bring you a public service message. This week on Security Levity, a reminder to beware of all kinds of phishing attack: not just bad guys pretending to be your bank...
read more
More perspectives...
From blogs.computerworld.com
()
LinuxSecurity.com:
A vulnerability has been found and corrected in jpgraph:
Multiple cross-site scripting (XSS) vulnerabilities in the
GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph
3.0.6 allow remote attackers to inject arbitrary web script or HTML
via a key to csim_in_html_ex1.php, and other unspecified vectors
(CVE-2009-4422).
This update provides a solution to this vulnerability.
More perspectives...
From linuxsecurity.com
()
Debian has updated belpic
(certificate validation bypass).
Fedora has updated wireshark (F10:
multiple vulnerabilities), cups (F10:
denial of service), expat (F10, F11, F12:
denial of service), dstat (F11, F12: arbitrary code execution), maniadrive (F12: buffer overflow), php (F12: buffer overflow), nginx (F10, F11, F12: multiple vulnerabilities), and
kernel (F11, F12: null pointer dereference).
Mandriva has updated postfix
(2008.0...
More perspectives...
From lwn.net
()
To improve system performance under Windows operating systems, Microsoft advises users to exclude certain file types and directories from anti-virus scanning. But the list is public, leading security researchers to worry the "whitelist" will be exploited by malware writers.Read | Permalink
More perspectives...
From outlookpower.com
()
By recommending that users exclude some file extensions and folders from antivirus scans, Microsoft may put users at risk, a security company said today.
In a document published on its support site, Microsoft suggests that users do not scan some files and folders for malware as a way to improve performance in Windows 2000, XP, Vista, Windows 7, Server 2003, Server 2008 and Server 2008 R2. "These files are not at risk of infection. If you scan...
More perspectives...
From hackinthebox.org
()
Curious about what's going to happen to our critical IT infrastructure in 2010? Here, IT security luminaries Mark Weatherford, CISO for California State, and Dan Kaminsky, finder of last year's DNS flaw, offer five predictions each. (The first of 2 parts).
More perspectives...
From networkworld.com
()
Steam from Valve is the largest digital distribution network in the world, with over 20 million active users. This is how people today buy their PC games and other content. In many ways, Steam is a competitor for iTunes.And just like there are phishing attacks to steal iTunes accounts, there are phishing attacks against Steam as well. After all, they both have money in them.Here's an example attack, trying to steal Steam credentials via the...
More perspectives...
From f-secure.com
()
I have a virus that doesnt allow me to access the internet, start any programs (gives me a windows security alert and says the application cannot be executed) and wants me to activate its antivirus software. It gives me a antivirus software alert that blocks my taskbar and says "Infiltration...
More perspectives...
From daniweb.com
()
Last month, a vulnerability in SSL and TLS (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555) was announced. Almost immediately thereafter, it was successfully exploited to obtain Twitter account passwords (http://www.securityfocus.com/news/11564). The vulnerability affects most...
More perspectives...
From daniweb.com
()
Adobe Systems plans to release a patch for a zero-day vulnerability in Adobe Reader and Acrobat that has come under attack. It is the second critical security vulnerability Adobe has promised users it will fix in the coming weeks. - Adobe Systems is prepping a patch for a zero-day bug affecting its Reader and Acrobat software for release by Jan. 12.
The vulnerability is considered critical by Adobe and impacts the latest versions of...
More perspectives...
From eweek.com
()
Barence writes "Security firm Trend Micro has accused Microsoft of giving malware writers a helping hand by advising users not to scan certain files on their PC because 'they are not at risk of infection.' Trend Micro warns that by making such information available, Microsoft is effectively creating a hit list for malware writers. 'Following the recommendations does not pose a significant threat as of now, but it has a very big potential of...
More perspectives...
From rss.slashdot.org
()
Cybercriminals pushing 'scareware' or fake anti-virus software are exploiting the news of Brittany Murphy's death.
Murphy is thought to have suffered a cardiac arrest at around 0800 Pacific Time (1600GMT) on Sunday, with the first reports appearing on celebrity news site TMZ.com.
Just hours later, researchers at Finnish security firm F-Secure reported that cybercriminals were 'poisoning' search results for the actress with specially created...
More perspectives...
From hackinthebox.org
()
In the wake of highly publicized security alerts from software giant Microsoft, online criminals have used the wave of public interest to push malicious software on an unsuspecting public.
The malicious emails take the usual form: A message from an authoritative source - in this case, Microsoft director of security assurance Steve Lipner - warns that security updates must be installed to ensure the security of the targeted PCs. The "updates...
More perspectives...
From hackinthebox.org
()
Twitter’s website went offline for about an hour Thursday, with many tweeters redirected to a defacement page boasting “This site has been hacked by Iranian Cyber Army.”
Twitter acknowledged the 10 p.m. takeover, one in a series of security lapses to hit the popular microblogging service. Twitter said its DNS records “were temporarily compromised.”
Tom Daly, chief [...]
More perspectives...
From blog.wired.com
()
In theory, URL shorteners make perfect sense in the world of the 140 character status update popularized by Twitter and used heavily by other social networks. It is commonly accepted that shorter headlines and copy tend to have greater pull…
More perspectives...
From feedburner.com
()
TypePad Blogs, Thursday 17 December 2009 at 12:14:08Mozilla has updated its flagship Firefox web browser to patch three critical vulnerabilities. Firefox 3.5.6 and 3.0.16 suffered from crashes due to...Mozilla has updated its flagship Firefox web browser to patch three critical vulnerabilities. Firefox 3.5.6 and 3.0.16 suffered from crashes due to memory corruption, according to the Mozilla security advisory....
More perspectives...
From vnunet.com
()
Adobe Systems is dealing with a new security vulnerability affecting the latest versions of Adobe Reader and Acrobat as the company continues work on a fix for another zero-day bug exposed earlier this month. - Attackers are exploiting a new vulnerability affecting Adobe Systems Reader and Acrobat software in what are reportedly targeted attacks.
According to Adobes Product Security Incident Response Team blog, the vulnerability...
More perspectives...
From eweek.com
()
LinuxSecurity.com:
Michael Sinatra discovered that Bind did not correctly validate certain
records added to its cache. When DNSSEC validation is in use, a remote
attacker could exploit this to spoof DNS entries and poison DNS caches.
Among other things, this could lead to misdirected email and web traffic.
More perspectives...
From linuxsecurity.com
()
Security software like a-squared Anti-Malware protect the computer system from threats and attacks not only on the Internet but also locally. Unlike its name might suggest a-squared Anti-Malware makes use of two scan engines to protect, detect and remove trojans, viruses, spyware, adware, worms, bots, keyloggers, rootkits and dialers. The software combines the a-squared Anti-Spyware [...]
More perspectives...
From ghacks.net
()
In their last Patch Tuesday of 2009, Microsoft fixed a total of 12 security vulnerabilities affecting Internet Explorer, Microsoft Windows and other products. - Microsoft issued patches for 12 security vulnerabilities today for its final Patch Tuesday of the year, including a fix for a zero-day bug plaguing older versions of Internet Explorer.
All totaled, Microsoft issued six security bulletins, three of which have the rating of critical...
More perspectives...
From eweek.com
()
Debian has updated firefox-sage
(insufficient input sanitizing), asterisk
(multiple vulnerabilities). Debian has also announced an end of life for asterisk in the oldstable
distribution (etch).
Mandriva has updated postgresql
(multiple vulnerabilities).
Red Hat has updated kernel (RHEL5, RHEL4,
RHEL5.2 Extended Update Support: multiple
vulnerabilities).
More perspectives...
From lwn.net
()
Fedora 10 has updated
httpd (multiple vulnerabilities) and
rubygem-actionpack (multiple vulnerabilities).
Fedora 12 has updated
nss-util (man in the middle attack) and
kernel (privilege escalation).
Mandriva has updated
kernel (multiple vulnerabilities),
kdegraphics (multiple vulnerabilities) and
kdelibs (multiple vulnerabilities).
Slackware has updated
ntp (denial of service).
Ubuntu has updated
kernel (multiple vulnerabilities).
More perspectives...
From lwn.net
()
Hackers broke into an online comic strip syndication service Thursday, embedding malicious code that sought to exploit a newly discovered security flaw in Adobe Reader and Acrobat, Security Fix has learned.
On Monday, Adobe Systems Inc. said it was investigating reports that criminals were attacking Internet users via a previously unknown security flaw in its Adobe Reader and Acrobat software. Experts warned that the flaw could be used to...
More perspectives...
From hackinthebox.org
()
LinuxSecurity.com: Description ========== * CVE-2009-3384: Multiple security flaws (integer underflow, invalid pointer dereference, buffer underflow and a denial of service) were found in the way WebKit's FTP parser used to process remote FTP directory listings. If a remote FTP server issued a specially-crafted FTP command, it could lead to disclosure of sensitive information, denial of service (application crash) or, potentially to...
More perspectives...
From linuxsecurity.com
()
LinuxSecurity.com:
Security vulnerabilities have been discovered and fixed in pdf
processing code embedded in koffice package (CVE-2009-3606 and
CVE-2009-3609).
This update fixes these vulnerabilities.
Packages for 2008.0 are being provided due to extended support for
Corporate products.
More perspectives...
From linuxsecurity.com
()
itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability...
More perspectives...
From rss.slashdot.org
()
LinuxSecurity.com: Here's a great overview of DNS and its intrinsic security issues, and how Google hopes to address them, and improve the security of DNS on the Internet. Because of the open, distributed design of the Domain Name System, and its use of the User Datagram Protocol (UDP), DNS is vulnerable to various forms of attack. Public or "open" recursive DNS resolvers are especially at risk, since they do not restrict incoming packets to a...
More perspectives...
From linuxsecurity.com
()
Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers. The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said...
More perspectives...
From blog.washingtonpost.com
()
Many folks have been encountering network connectivity issues and other errors when running older versions of Symantec Endpoint Protection and Symantec Antivirus. So I’m writing to let you know that a solution has been available for the past year and is highly encouraged as an upgrade.
Context
When a Windows Server is running older versions of Symantec Endpoint Protection 11 or Symantec Antivirus 10.2, they may experience performance issues...
More perspectives...
From blogs.technet.com
()
Smart-parking seems to encourage car use. So why do mass-transit advocates love it?
Streetline is starting to gain speed, thanks to a successful trial of their smart-parking system in San Francisco. Basically, it's a network of parking sensors, which are keyed into a centralized system that monitors open parking spaces. Using a smartphone, you can then find out where the open parking-spaces are. GOOD, partnering with IBM, has just produced an...
More perspectives...
From fastcompany.com
()
UPDATED WITH IMAGE: Between about 10 p.m. and 11 p.m. Pacific time on Dec. 17, Twitter was replaced a black background page showing a green flag and with a headline that read, in English: Iranian Cyber Army ... This Website Has Been Hacked by Iranian Cyber Army. Twitter returned in about an hour. - Social networking site Twitter was hacked and its main pages replaced for about an hour late Dec. 17.
Between about 10 p.m. and 11 p.m...
More perspectives...
From eweek.com
()
LinuxSecurity.com:
A vulnerability was discovered and corrected in perl-IO-Socket-SSL:
The verify_hostname_of_cert function in the certificate checking
feature in IO-Socket-SSL (IO::Socket::SSL) 1.14 through 1.25 only
matches the prefix of a hostname when no wildcard is used, which
allows remote attackers to bypass the hostname check for a certificate
(CVE-2009-3024).
This update provides a fix for this vulnerability.
Update:
Packages were...
More perspectives...
From linuxsecurity.com
()
New research from Trusteer shows that while the majority of phishing attacks are unsuccessful, those that slip past security defenses are costing millions. With nearly half of those who click on links to phishing sites giving up their personal information, here are some tips on what you need to do to protect your enterprise. - Ever wonder what percentage of people are clicking on those e-mails leading to fraudulent bank login pages? The...
More perspectives...
From eweek.com
()
Jack Spine writes "VeriSign has said that the main obstacle to DNSSEC implementation has been technical delays. The large size of the .com and .net domains would have made it impractical to deploy earlier versions of DNSSEC, according to VeriSign vice president of naming services Pat Kane. Deployment of DNSSEC will close a major security flaw in the DNS, the internet's equivalent to a telephone directory. The problem of DNS cache poisoning was...
More perspectives...
From rss.slashdot.org
()
Ethical hacking has a definite role to play in keeping businesses secure, according to the Symantecâs CEO Enrique Salem, but the company will not hire known hackers to carry out the service.
Responding to Computerworld questions at a media conference in Sydney, Salem said the issue of hackers playing both ethical âwhite hatâ roles as well as criminal âblack hatâ roles to become effectively âgrey hatsâ was an issue in the security industry...
More perspectives...
From hackinthebox.org
()
LinuxSecurity.com: A couple of months ago, the US Dept of Homeland Security announced they wanted to recruit 1,000 cyber security professionals over the next three years. The process has started. Department of Homeland Security (DHS) Secretary Janet Napolitano announced in October a plan to recruit up to 1,000 cyber security experts to assist with the protection of infrastructure, systems and networks.
More perspectives...
From linuxsecurity.com
()
CLEARWATER, Fla., Dec. 2 /PRNewswire/ -- Sunbelt Software, a leading provider of Windows security software, today announced that its VIPRE Antivirus + Antispyware product has received the VB100 award from Virus Bulletin, the highly-respected independent comparative testing group, in the December 2009 issue of its online publication.
More perspectives...
From rss.prnewswire.com
()
A hacker recently demonstrated how a SQL injection vulnerability in a Symantec Website could be exploited to reveal user data. Symantec says the vulnerability ony impacts customers in Japan and South Korea. - A Website operated by security firm Symantec was hacked giving an attacker a sneak peak at sensitive customer data.
The Romanian hacker known as Unu, who earlier this year uncovered a hole in a Website run by Kaspersky Lab, exploited...
More perspectives...
From eweek.com
()
LinuxSecurity.com:
A vulnerability was found in xmltok_impl.c (expat) that with
specially crafted XML could be exploited and lead to a denial of
service attack. Related to CVE-2009-2625 (CVE-2009-3720).
This update fixes this vulnerability.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
More perspectives...
From linuxsecurity.com
()
LinuxSecurity.com:
A vulnerability has been found and corrected in gd:
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the
GD Graphics Library 2.x, does not properly verify a certain colorsTotal
structure member, which might allow remote attackers to conduct
buffer overflow or buffer over-read attacks via a crafted GD file,
a different vulnerability than CVE-2009-3293. NOTE: some of these
details are obtained from third...
More perspectives...
From linuxsecurity.com
()
Phil Muncaster, V3.co.uk, Thursday 26 November 2009 at 12:27:00 New malware could spell trouble for users of IP telephony service Security experts have warned Skype users that new malware similar to the infamous Koobface worm that caused havoc on Facebook is now targeting the popular IP telephony service....
More perspectives...
From vnunet.com
()
Since Google decided to launch its own DNS service, we've dug into finding the fastest domain name server and knowing if yours failed. If you're on a GNOME-based Linux system, you can also try any DNS service without router configuration. Panji Nushantara details a small tweak you can make to your network settings in Ubuntu or any Linux system that uses the native Network Manager app: run System -> Preferences -> Network Connections you can...
More perspectives...
From lifehacker.com
()
The goal is for Google's Public Domain Name Server (DNS) is to increase your browsing speed and improve online security -- and it's likely the new DNS will do that. But will it compromise your privacy?
More perspectives...
From itbusiness.ca
()
Last month, researchers found a security flaw in the SSL protocol, which is used to protect sensitive web data. The protocol is used for online commerce, webmail, and social networking sites. Basically, hackers could hijack an SSL session and execute commands without the knowledge of either the client or the server. The list of affected products is enormous.
If this sounds serious to you, you're right. It is serious. Given that, what should...
More perspectives...
From schneier.com
()
Panda Global Protection 2010, Internet Security 2010, and Antivirus Pro 2010 use weak permissions (Everyone: Full Control) for the product files, which allows local users to gain privileges by replacing executables with Trojan horse programs.
More perspectives...
From nvd.nist.gov
()
Microsoft has released a new batch of security updates on this month’s Patch Tuesday which patch various security vulnerabilities in Microsoft software products. The vulnerabilities are affecting several popular Microsoft products including various Windows operating systems, Microsoft Internet Explorer and Microsoft Office.
Three of the vulnerabilities have a maximum severity rating of critical while the other [...]
More perspectives...
From ghacks.net
()
CentOS has updated java-1.6.0-openjdk (C5: multiple vulnerabilities).
Debian has updated libgd2 (multiple
vulnerabilities).
Fedora has updated proftpd (F10, F11:
certificate spoofing) and wordpress (F10, F11, F12: multiple vulnerabilities).
Gentoo has updated java (multiple
vulnerabilities).
Red Hat has updated cups (RHEL 5:
multiple vulnerabilities).
SUSE has updated openssl (man in the
middle vulnerability).
More perspectives...
From lwn.net
()
"What are this year's Black Friday software discounts and deals?"
It's become an annual tradition for me to dig up some great deals on software and send them out to this list. I try to dig
Security Software Discounts
70% discount on VIPRE Antivirus + Antispyware - when Black Friday ends, so does this offer. Get antivirus and antispyware protection for only $9.95 today only. Includes identity theft protection and anti-rootkit technology...
More perspectives...
From jakeludington.com
()
BUCHAREST, ROMANIA -- (Marketwire) -- 12/08/09 -- BitDefender : http://www.bitdefender.com/ , an award-winning provider of innovative anti-malware security solutions announced today the release of 'Conficker - One Year After,' a whitepaper detailing the Conficker worm's first appearance in November 2008, the damage it has done, and predictions on how it will spread in 2010. Conficker is a well-written piece of malware that has the potential...
More perspectives...
From pr-inside.com
()
THE next time you see a close friend announcing a good deal on Facebook, beware: It might be a trick hatched by hackers.The high-traffic social-networking website is the latest tool that hackers are using to 'phish', that is, to steal personal information to carry out online fraud.
More perspectives...
From straitstimes.com
()
Spam is usually thought of in the context of annoying, but not necessarily dangerous. However, between September and October 2009, on average, more than 2 percent of spam e-mails had attached malware; this represents a nine fold increase in the number of spam messages actually containing malware.
More perspectives...
From abs-cbnnews.com
()
Tarinth writes "Google just announced its new Google DNS platform. Many have viewed this as a move to increase ad revenue, or maybe capture more data. This article explores those questions, as well as the actual benchmarking results for Google DNS — showing that it is faster than many, but not nearly as fast as many others." We also recently discussed security implications of the Google Public DNS.Read more of this story at Slashdot.
More perspectives...
From rss.slashdot.org
()
This security update resolves four privately reported vulnerabilities and one publicly disclosed vulnerability in Internet Explorer. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less ...
(Read on Source)
More perspectives...
From megite.com
()
LinuxSecurity.com: Banks and financial institutions are fond of lecturing customers about the perils of phishing emails, the bogus messages that attempt to trick marks into handing over their login credentials to fraudulent sites. Yet many undo this good work by sending out emails themselves that invite users to click on a link and log into their account rather than going a safer route and telling users to use bookmarked versions of their site.
More perspectives...
From linuxsecurity.com
()
Security experts warned today that the Verified by Visa online authentication scheme has become the latest lure used by phishers hoping to harvest personal information from unsuspecting shoppers.. The scam begins with users being sent an email inviting them to join the scheme, but clicking on the link takes them to a fake site (see screenshot below).
Andrew Brandt, a malware researcher at Webroot, explained in a blog post that the site then...
More perspectives...
From hackinthebox.org
()
Cisco released its Cisco 2009 Annual Security Report this morning, and it contains some interesting insight on many of the vulnerabilities and threat vectors we face today.
InformationWeek's RSS Feed is brought to you by
NEC
Ads by Pheedo
More perspectives...
From informationweek.com
()
LinuxSecurity.com:
It was discovered that libvorbis did not correctly handle ogg files with
underpopulated Huffman trees. If a user were tricked into opening a
specially crafted ogg file with an application that uses libvorbis, an
attacker could cause a denial of service. (CVE-2008-2009)
It was discovered that libvorbis did not correctly handle certain malformed
ogg files. If a user were tricked into opening a specially crafted ogg file
with...
More perspectives...
From linuxsecurity.com
()
According to M. E. Kabay of Network World, "During the 1990s, the term "hacker" became synonymous with "cracker," which is a person who performs some form of computer sabotage." But, that is not what the term originally meant:"Hacker: A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is...
More perspectives...
From blogger.com
()
CLEARWATER, Fla., Dec. 3 /PRNewswire/ -- Sunbelt Software, a leading provider of Windows security software, today announced the top 10 most prevalent malware threats for the month of November 2009. The report, compiled from monthly scans performed by Sunbelt's award-winning anti-malware solution, VIPRE® Antivirus + Antispyware, and its antispyware tool, CounterSpy®, is a service of SunbeltLabs(TM).
More perspectives...
From rss.prnewswire.com
()
Last month, the FBI warned that hacker attacks on law firms were increasing. Specifically, the Feds noticed a rise in phishing emails with malicious attachments: just one click and the userâs computer can be exploited by the hacker.
According to the Denver Post, the reason law firms are being targeted is their wealth of client information. Many firms keep clientâs social security numbers or other personal information on their networks...
More perspectives...
From hackinthebox.org
()
A yearly security report released Tuesday by technology company Cisco says that banks and online social networks are growing targets for cyber criminals."Criminals have been taking note of the large crowds in social-networking sites," said Cisco security researcher Scott Olechowski to AFP.
More perspectives...
From redorbit.com
()
Antivirus software is essential to protect your computers from security threats such as spyware and hackers. But there is a wide range of antivirus software out there, all promising to protect your computer systems at a reasonable price. If you are selecting antivirus software for your company, there are a number of questions you must address: how well the antivirus software protects your PC, how easy is it to use, and if something goes wrong...
More perspectives...
From hackinthebox.org
()
You know a domain name isn’t really what you think it is. Computers don’t talk to each other using domain names and when you’re wanting to surf on over to your favorite websites, you’re not really going to a server named whatever the domain name is you want.
All a domain name does is point a person to the computer and network that’s hosting the files that you see when you type in that domain name. It’s like an alias for what’s really...
More perspectives...
From searchengineherald.com
()
Shaun Nichols in San Francisco, V3.co.uk, Tuesday 8 December 2009 at 02:16:00 Phishing attack aims for site credentials A new phishing attack is targeting webmasters in an attempt to gain access to site credentials. According to security firm Trusteer, the attack targets cPanel, a popular management tool for...
More perspectives...
From vnunet.com
()
snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly...
More perspectives...
From rss.slashdot.org
()
Adobe has published a security advisory announcing that it will be issuing a critical update to its Flash and Air products next week. Details of the vulnerabilities, which will apply to Adobe Flash Player 10.0.32.18 and earlier, and Adobe AIR 1.5.2 and previous versions, have not yet been made public, but users are being advised to keep an eye on Adobe's PSIRT blog for additional information
More perspectives...
From cooeesearch.com
()
Anti-malware testing group AV-Comparatives.org not only gave Microsoft Security Essentials a top rating for malware removal, but now they’ve given it their best ranking in their performance test as well. (more…)
More perspectives...
From lifehacker.com.au
()
System Adware Scanner 2010 is a rogue anti-spyware, and an aggressive one at that. Besides showing you fake scan reports and other types of fake security warnings, System Adware Scanner 2010 will also block some applications telling you that they are ...
More perspectives...
From search.live.com
()
Microsoft's new anti-virus software, Microsoft Security Essentials, runs faster than the leading Symantec and McAfee applications, according to a report (PDF) by AV-Comparatives.
(Read on Source)
More perspectives...
From megite.com
()
Trend criticises posting of AV exclusion listBy recommending that users exclude some file extensions and folders from antivirus scans, Microsoft may put users at risk, according to security firm Trend Micro.
More perspectives...
From pcadvisor.co.uk
()
No Credit Card Required for this download. • Award-winning Firewall Protection • AntiVirus Software • Proactive Security Developed by one of the world's leading IT security providers, Comodo AntiVirus leverages multiple technologies ...
More perspectives...
From blogsearch.google.com
()
LinuxSecurity.com: News, overnight of the latest in Twitter security mishaps, and in this case a quantifiable screw-up... This time, Twitter's DNS records have fallen victim to the 'classic' DNS Redirect exploit....
More perspectives...
From linuxsecurity.com
()
Google has its own DNS service, slipping its tentacles into yet another fundamental aspect of online life. How bad can it be?
Google recently unveiled its Public DNS service. Like OpenDNS, it allows you to bypass your ISP’s DNS servers. Unlike OpenDNS, it is managed by Google.
Sterling Camden, TechRepublic’s IT Consulting guru, asked me whether this raises any particular security red flags for me. I think he might have been asking it...
More perspectives...
From planetsysadmin.com
()
Heuristically detects Spyware threats, detects blocks Internet worm attacks, and protects email.Norton AntiVirus blocks viruses and spyware with advanced protection. Key Technologies .Antivirus .Spyware protection .Two-way firewall ...
More perspectives...
From blogsearch.google.com
()
Anti-malware testing group AV-Comparatives.org not only gave Microsoft Security Essentials a top rating for malware removal, but now they've given it their best ranking in their performance test as well. AV-Comparatives.org ran a series of real-world tests running through common scenarios like downloading, extracting, copying, and encoding files, installing and launching applications, and they also...Digital Media thoughts (subscribe) : Which...
More perspectives...
From rss.wikio.com
()
In a headline that will define 2010, CBS lets us know the intent of hackers. Cash Money. Mark my words. In 2010 Financial Institution's will learn that the browser space is untenable. .
Banks can spend millions on security on "their" IT, but hackers don't need to go after the bank. They can go after the online banking customers.
Malware grew exponentially in 2009. Phishing has become more sophisticated. If phishing is words, and...
More perspectives...
From pindebit.blogspot.com
()
Three-user license of the easiest-to use and most intuitive protection for your computer; install it and forget about viruses, spyware, rootkits, hackers, online fraud and identity theft
Anti-Malware Engine automatically detects and eliminates viruses, spyware, Trojans, rootkits, bots and other malware before they infect your computer
Advanced Proactive Protection technologies from Panda Security are widely recognized as [...]
More perspectives...
From winnokiamobile.com
()
Sold Individually
Product DescriptionItem #: N37918. Symantec AntiVirus for Network Attached Storage 5. 1 provides virus scanning and repair services for a number of network-attached storage (NAS) devices. Symantec AntiVirus for Network Attached Storage 5. 1 features the Symantec Scan Engine version 5. 1, a carrier-class virus scanning and repair engine. The Symantec [...]
More perspectives...
From winnokiamobile.com
()
Google has launched an Internet-facing pair of public DNS addresses. In this TechRepublic blog, IT pro Rick Vanover shows configuration and usage of the new engines.
————————————————————————————–
Is there anything Google isn’t going to do? Google has recently announced Google Public DNS services for Web engines and other systems to query for address resolution. This makes some sense, as Google crawls the Web frequently and has a good idea of...
More perspectives...
From planetsysadmin.com
()
Norton 360 3.0 1-User/3Pc (CD-ROM)By Symantec Buy new: $46.9971 used and new from $32.46 Customer Rating: Customer tags: norton 360(63), antivirus(48), security software(40), symantec(36), norton 360 security suite(30), norton 360 version 30(24), internet security(22), norton(22), norton internet security 2009(15), norton 360 version 3(2), anti virus(2), backup(2)
More perspectives...
From pipes.yahoo.com
()
Smartphone attacks, rogue antivirus, cloud breaches top 2010 security concernsSan Francisco ChronicleWhile a handful of malware attacks have surfaced of late against "jailbroken" iPhones (ones whose owners have deliberately disabled Apple controls), ...Antivirus Under Attack From Polymorphic Threats -- and YouNewsweek (blog)Rogue Antivirus Operations Thrive in 2009eWeekall 10 news articles »
More perspectives...
From news.google.com
()
Businesses and entrepreneurs must be careful about using social networking applications on smartphones and beware of phishing attacks designed to steal private information, security experts have warned.
More perspectives...
From cooeesearch.com
()
Telegraph.co.ukPro-Iranian hackers hit TwitterBBC NewsA group calling itself the Iranian Cyber Army has hacked Twitter and an Iranian opposition website, replacing it with an anti-American message. Traffic to the social networking website was redirected for nearly two hours on Thursday night. ...Twitter hacked by "Iranian Cyber Army"?ReutersTwitter hacked by 'Iranian Cyber Army'AFPTwitter Downed By 'Iranian' HackersInformationWeekAHN -PC World...
More perspectives...
From google.com
()
http://codex.wordpress.org/FAQ_My_site_was_hacked is also a great place to start reading.
Another access point to your site by hackers is created if any workstation ("personal computer") exists that has the FTP ID and password on it (e.g. - in an FTP client), and was ever infected with malware. Some malware looks for and sends all FTP IDs and passwords to a hacker repository on the Internet for later use.
More perspectives...
From wordpress.org
()
All users of Adobe Reader and Adobe Acrobat 9.2 are strongly encouraged to incorporate the suggested workaround by disabling JavaScript in Adobe PDF Reader/Acrobat: Click: Edit -> Preferences -> JavaScript and uncheck Enable Acrobat ...
More perspectives...
From blogsearch.google.com
()
Symantec has released yet another security update for several of its Altiris resource management products to patch a critical vulnerability that could allow an attacker to execute arbitrary code
More perspectives...
From heise-security.co.uk
()
Supported operating system includes: Windows 7/Vista/XP/ 2000. Key Features of Wondershare Spyware Removal: Wondershare Spyware Removal offers potent system security protection. It forcefully removes spyware, trojan virus, adware and other various ...
More perspectives...
From search.live.com
()
WASHINGTON (Reuters) -- A computer hacker briefly hijacked Twitter ... James Lewis, a cyber-security expert with the think tank Center for Strategic and International Studies, said the attack might have come from a group that supports Tehran. "
More perspectives...
From search.msn.com
()
With the release of its Public DNS, Google says it has developed a new way to resolve DNS queries. It could translate into faster Web browsing. So, how does it work?
———————————————————————————————————————————–
If Google’s claims are true, their Public DNS technology will vastly improve our Web surfing, and who doesn’t want that? DNS is a simple concept, yet is incredibly complex to implement. With that in mind, let’s take a quick look at...
More perspectives...
From planetsysadmin.com
()
Free wondershare spyware removal released!It is a powerful yet easy-to-use system security tool to protect your system. It removes spyware, trojan virus and other malware. Advanced technology is adopted in Wondershare Spyware Removal to perform proactive defense and remove Rootkit. And it is specially expert in trojan virus and spyware removal, giving you top security protection.
More perspectives...
From michiganpr.net
()
TG DailyHackers infiltrate Amazon CloudTG DailyA security researcher recently identified a Zeus bot (Zbot) variant exploiting Amazon EC2's cloud-based ...Hackers Find a Home in Amazon's EC2 CloudPC WorldBank Login-Stealing Botnet Found Hiding in Amazon CloudReadWriteWeb (blog)Amazon.com Had Malicious Botnet Hiding in (EC2) CloudSAAS DirectoryCNET News -Infosecurity Magazine -Technologizer (blog)all 76 news articles »
More perspectives...
From news.google.com
()
Symantec Norton AntiVirus 2010: A Polished InterfaceWashington PostNorton AntiVirus is a good choice for nontechies, but those willing to deal with a less-refined interface can get stronger protection. ...Spyware Doctor With Antivirus: First LookPC WorldPicking the Right Security SoftwareWashington Postall 17 news articles »
More perspectives...
From news.google.com
()
Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure.This marks the first time Amazon Web ... Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure .
More perspectives...
From topix.com
()
Trusteer Discovers Phishing Campaign Designed to Steal Content Management Login Credentials in order to Commit Banking Fraud
NEW YORK--(BUSINESS WIRE)--Trusteer, the customer protection company for online businesses, today issued a security advisory that warns the customers of website hosting companies, including yahoo.com, against a new phishing...
More perspectives...
From pindebit.blogspot.com
()
More than four out of five web users click on images of adverts from trusted brands such as banks and social networks, without a second thought about malware or spyware, says Symantec . According to research conducted by YouGov for the security firm ...
More perspectives...
From search.live.com
()
Websense released the Top 10 Threats to Security on the Web for 2010. In honor of the recent hype given to Jack Dorsey's Square, and the lack of coverage regarding it's security, (i.e. is it going to go through PCI Certification Process, What's the encryption process?) I thought I'd feature one of the Top 10. I'll provide the full list later today (by 11:30 am my time) so check back if your curious...
At the end of 2009 Websense Security...
More perspectives...
From pindebit.blogspot.com
()
The McAfee Full Spectrum Network Defense solution delivers day-zero malware detection, network threat behavior analysis, and application-level security. The solution includes Network IPS, User Behavior Analysis, Network Threat Behavior Analysis ...
More perspectives...
From search.live.com
()
The popularity of applications on social networking websites has increased a great deal this year. This has led to a new wave of phishing attacks targeting the users of these applications. Symantec has examined phishing websites ...
More perspectives...
From blogsearch.google.com
()
Mikko Hypponen, Chief Research Officer at F-Secure, states that widely-used social networking websites like Twitter, LinkedIn and Facebook are currently the key targets of cyber criminals, as reported by Guardian on November 29, 2009. ...
More perspectives...
From blogsearch.google.com
()
Several security vendors have reported that the Koobface botnet-based malware has added a variant that now targets Skype users to its previous versions that targeted users of social networks like Facebook and Twitter. ...
More perspectives...
From blogsearch.google.com
()
Critical vulnerabilities in Adobe Flash and Adobe Air are addressed in a security bulletin and software updates today: Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier.
More perspectives...
From topix.com
()
You can improve this news page by changing its keywords and content sources.
Edit News
Edit News
From Our Partners
People in Pictures
Top Geek Articles
 |
Celebrities on the Phone
Cell phones are to celebrities like bats are to baseball: no one runs too far without them.
|
 |
Hot Geeks -- The Sexiest Geeky Girls
These girls are gorgeous AND they'll play Warcraft with you. Doesn't get much better than that.
|
 |
Hottest Girl Superhero List
A list of female video-game characters you should check out.
|
