Browsing Category: Vulnerabilities

Categories: Malware, Vulnerabilities

[img_assist|nid=3176|title=|desc=|link=none|align=left|width=100|height=100]Adobe has acknowledged that an internal screw-up caused a potentially dangerous Flash Player flaw to remain unpatched for more than 16 months after it was first reported by an external security researcher.”It slipped through the cracks,” said Emmy Huang, a product manager for Flash Player. Adobe’s mea-culpa follows the public release of proof-of-concept code demonstrating a Flash Player browser plug-in crash.

Read more...

[img_assist|nid=3170|title=|desc=|link=none|align=right|width=100|height=100]Dennis Fisher talks with Tyler Shields of Veracode about his BlackBerry spyware application, txsBBSPY, the coming wave of smartphone attacks and his lack of surprise about the Google Aurora attack.

Read more...

[img_assist|nid=3173|title=|desc=|link=none|align=left|width=100|height=100]A metals supply company in Michigan is suing its bank for poor security
practices after a successful phishing attack against an employee
allowed thieves to steal more than half a million dollars last year. Read the full article. [KrebsonSecurity]

Read more...

[img_assist|nid=3167|title=|desc=|link=none|align=right|width=100|height=100]Fake emails claiming to be from the IRS are a variation of the usual IRS phishing expeditions that
typically target end users during tax time, but this campaign aims
to infect organizational machines through corporate rather than
personal email. Read the full article. [Infosecurity]

Read more...

[img_assist|nid=2971|title=|desc=|link=none|align=left|width=100|height=100]To entice security researchers to look for holes in the Chrome browser,
Google has announced it will pay $500 for dangerous security flaws found in the code. But
several experts say that’s not enough money to motivate skilled
vulnerability researchers. Read the full story [CNet]

Read more...

Researchers at Penn State University have developed an algorithm that defends against the spread of local
scanning worms that search for hosts in “local” spaces within networks
or sub-networks. This strategy allows them access to hosts that are
clustered, which means once they infect one host, the rest can be can
be infected quickly. Read the full article. [Dark Reading]

Read more...

Categories: Malware, Vulnerabilities

[img_assist|nid=3165|title=|desc=|link=none|align=left|width=100|height=100]Novell is reporting a critical security vulnerability in NetStorage
which can be exploited by a remote attacker to compromise a system. The
vendor has not provided any details of the vulnerability, but has
stated that exploiting the vulnerability to inject and execute code
does not require authentication. Read the full article. [The H Security]

Read more...

[img_assist|nid=3150|title=|desc=|link=none|align=right|width=100|height=100]The prosecution of a Swedish man charged with breaching the computer
networks of NASA and Cisco Systems and making off with sensitive source
code will be transferred to Swedish authorities, US federal prosecutors
said Monday. Read the full article. [The Register]

Read more...