[img_assist|nid=5094|title=|desc=|link=none|align=right|width=100|height=100]Carnegie Mellon University’s CERT (Computer Emergency Response Team) has released a basic fuzzing framework to help identify and eliminate security vulnerabilities from software products.
[img_assist|nid=5093|title=|desc=|link=none|align=left|width=100|height=100]Adobe, which has been under fire for the security of its flagship products, Flash and Reader, for some time now, may be on the verge of changing its patching process to push fixes out on a monthly schedule, which would coincide with Microsoft’s monthly Patch Tuesday releases.
One of the most novel approaches for acquiring new botnet clients is a weird combination consisting of direct DDoS extortion,
followed by penalties for delayed response and the offering of 30% discount in case the victim wants to
DDoS the competition once the ransom is paid. Read the full article. [ZDNet]
[img_assist|nid=5090|title=|desc=|link=none|align=left|width=100|height=100]Five people were indicted this week on wire fraud and other criminal charges stemming from a 2007 cybertheft in which nearly $450,000 was stolen from the bank accounts of the city of Carson, California using credential-stealing spyware. Read the full article. [Computerworld]
[img_assist|nid=5087|title=|desc=|link=none|align=right|width=85|height=85]Cisco Systems has warned of serious vulnerabilities in a device that
connects a building’s ventilation, lighting, security, and energy supply
systems so they can be controlled by IT workers remotely. The networking giant urged users of the Cisco Network
Building Mediator products to patch the vulnerabilities, which among
other things allow adversaries to obtain administrative passwords. Read the full article. [The Register]
[img_assist|nid=5078|title=|desc=|link=none|align=left|width=100|height=100]Adobe has issued a security patch for its Adobe Photoshop CS4 software to plug “critical” vulnerabilities that expose users to code execution attacks with rigged image files.The flaws affect both Windows and Mac OS X users. Adobe Photoshop CS5 is not affected by these issues.
[img_assist|nid=5073|title=|desc=|link=none|align=right|width=100|height=100]Media Temple, Web hosting provider for Adobe, ABC, Sony, NBC, Time,
Volkswagen, and Starbucks, was hit with a sophisticated distributed
denial-of-service (DDoS) attack. Read the full article. [CNET]
[img_assist|nid=5074|title=|desc=|link=none|align=left|width=100|height=100]A researcher was able to gain unfettered access to
his iPhone 3GS from Ubuntu 10.04. If he connected the device whilst it
was turned off and then turned it on, Ubuntu auto-mounted the file
system and was able to access several folders despite never having
previously been connected to the iPhone. Read the full article. [The H Security]
Researchers from Microsoft have come up a sensor
widget concept that provides alerts and lets users control and monitor
exactly what other users see from their webcams, microphones, and other
live data streams. Read the full article. [Dark Reading]
[img_assist|nid=5072|title=|desc=|link=none|align=left|width=100|height=100]The current raft of stories about privacy problems on Facebook and other high-profile sites is leading to a renewed consideration in some circles of whether there’s a need for tighter government regulation of sites’ privacy policies and user notifications. Regulation, experts say, may be the only real way to force sites to respect users’ privacy.