Alerts
Jan 20, 2009 (15 hours ago)
TA09-020A: Microsoft Windows Does Not Disable AutoRun Properly
from US-CERT Technical Cyber Security Alerts
Microsoft Windows Does Not Disable AutoRun Properly
Security News
Jan 20, 2009 (14 hours ago)
Payment Processor Breach May Be Largest Ever
from CGISecurity - Website and Application Security News by Romain Gaucher
The Washington Post reports today a new breach: "A data breach last year at Princeton, N.J., payment processor Heartland Payment Systems may have led to the theft of more than 100 million credit and debit card accounts, the company said today." More info on the article.
Jan 20, 2009 (16 hours ago)
The McAfee 2009 Threat Predictions
from McAfee Avert Labs by David Marcus
Today, we at McAfee Avert Labs released our 2009 Threat Predictions. Amongst the findings are:
Threats Hide in the CloudMiscreants have also transitioned to the Internet “cloud” as their main delivery vehicle and take advantage of the attractions of Web 2.0. McAfee expects this trend to continue throughout 2009, eventually displacing more traditional vectors of malware distribution.
Jan 20, 2009 (20 hours ago)
Fake antivirus and a real threat
from McAfee Avert Labs by Lokesh Kumar
Fake alert malware prey on innocent victims by displaying misleading scan alerts. They trick the user into buying fake antivirus, to fix such falsely exaggerated scan reports. This class of “scareware” software depends on extreme social engineering tactics and comes bundled with Backdoors, Password Stealers, Downloaders, Droppers, Browser Helper Objects, etc.
5:09 AM (1 hour ago)
China's anti-censor software pimps user data
from The Register - Security
Dissident data for sale
Harvard researchers have accused the developers of tools for dodging the Great Firewall of China of selling data harvested by the software, potentially giving the authorities in Beijing an easy way to identify dissidents.…
8:21 PM (10 hours ago)
New OS X research warns of stealthier Mac attacks
from The Register - Security
In-memory code injection covers tracks
A computer security researcher has discovered a new way to inject hostile code directly into the memory of machines running Apple's OS X operating system, a technique that makes it significantly harder for investigators to detect Mac attacks using today's forensics practices.…
Jan 20, 2009 (15 hours ago)
US credit card payment house breached by sniffing malware
from The Register - Security
Suspicious activity in the Heartland
Heartland Payment Systems - a payments processor that serves more than 250,000 US businesses - warned consumers Tuesday that their card data may have been compromised following a security breach of the company's payment system.…
Jan 20, 2009 (17 hours ago)
Call centre manager in the frame over ID scam
from The Register - Security
Alleged two-year dodginess using British identities
An Indian call centre manager is under investigation over allegations he used the identities of Brits to run an insurance fraud scam.…
Jan 20, 2009 (20 hours ago)
McKinnon wins extradition delay
from The Register - Security
All hold pending UK prosecution decision
Gary McKinnon has been granted a delay in his long-running fight against extradition to the US on hacking charges.…
Jan 20, 2009 (21 hours ago)
Conficker Autoplay ruse gets teeth into Windows 7
from The Register - Security
VXers still ahead of the game
Social engineering autoplay tricks work on early versions of Windows 7 as well as Vista, according to tests by security researchers.…
Jan 20, 2009 (23 hours ago)
Conficker seizes city's hospital network
from The Register - Security
Network-wide update ban invites worm infection
Exclusive Staff at hospitals across Sheffield are battling a major computer worm outbreak after managers turned off Windows security updates for all 8,000 PCs on the vital network, The Register has learned.…
Jan 20, 2009 (17 hours ago)
Debit-card processor claims data breach part of global fraud operation
from Network World on Security by Ellen Messmer
Heartland Payment Systems, the Princeton, N.J.-based provider of credit and debit processing, payroll, check management and payments services to more than 250,000 business locations across the country, Tuesday disclosed it was the victim of a security breach.
Jan 20, 2009 (17 hours ago)
Detecting Internet routing "lies"
from Network World on Security by Carolyn Duffy Marsan
Australian Geoff Huston is one of the foremost authorities on Internet routing and scaling issues. We sent Huston a few questions about the U.S. government's plan to bolster R&D to secure the Internet's core routing protocol, the Border Gateway Protocol (BGP). Here are excerpts of from what Huston had to say.
Jan 20, 2009 (17 hours ago)
Embarrassing Insider Jobs Highlight Security, Privacy Holes
from Network World on Security
Officials in San Francisco last summer found out just how easy it can be for one person to hold the city, or at least critical parts of its IT network, hostage for several days. In July, a disgruntled network administrator for the city locked up a multimillion-dollar municipal computer system that handles sensitive data. The employee, Terry Childs, refused to give up the password to the FiberWAN system, which he had helped design. Childs eventually gave the password to San Francisco mayor Gavin Newsom, but not before a lockout that lasted almost two weeks and cost the city close thousands of dollars to fix.
Jan 20, 2009 (17 hours ago)
Microsoft issues patches for 'nasty' Windows bugs
from Network World on Security
Microsoft last week patched three vulnerabilities in the Server Message Block (SMB) file-sharing protocol in Windows, including two that could make "Swiss cheese" out of enterprise networks, according to one researcher.
Jan 20, 2009 (18 hours ago)
Brief: Payment processor warns of network breach
from SecurityFocus News
Payment processor warns of network breach
Jan 20, 2009 (13 hours ago)
Malware infestation responsible for credit card data breach
from Ars Technica by jhruska@arstechnica.com (Joel Hruska)
Heartland Payment Systems announced today that it may have exposed up to 100 million credit and debit cards to theft late last year. This revelation doesn't just set a data breach record, it may explain the surge in credit card fraud we saw last December.
7:44 PM (11 hours ago)
Hackers Imperil 100 Million Credit Card Accounts
from Wired Top Stories by Kim Zetter
Heartland Payment Systems, a company that processes debit- and credit-card transactions for 250,000 businesses, reveals it was hacked late last year and that intruders may have compromised more than 100 million accounts.
Jan 20, 2009 (15 hours ago)
Massive Theft of Credit Card Numbers Reported
from PC World Latest Technology News
Heartland Payment Systems, a payment processor for hundreds of thousands of businesses, disclosed today that it has been hit by what may be the largest credit card data theft to date.
Jan 20, 2009 (18 hours ago)
Smartphone Security Measures
from PC Magazine Tips and Solutions
Even the simplest cell phones carry enough data to be dangerous in the wrong hands.
Jan 20, 2009 (13 hours ago)
Safeguard Your PC Against the Downadup Worm
from PC World Latest Technology News
How to protect your PC from the biggest worm in years.
Jan 20, 2009 (18 hours ago)
A High-Tech Agenda for President Obama
from PC World Latest Technology News
Here's one editor's prescription for high-tech investments, priorities, and -- yes -- legislation.
-- Aurora Report says lions and tigers and bears, oh my!
Subscribe to:
Post Comments (Atom)
My Blog List
-
-
'Outer Range' Season 2 on Prime Video: Release Date and Time - CNET - Josh Brolin stars as Wyoming rancher Royal Abbott in season 2 of the sci-fi series.
5 hours ago -
'Outer Range' Season 2 on Prime Video: Release Date and Time - CNET - Josh Brolin stars as Wyoming rancher Royal Abbott in season 2 of the sci-fi series.
5 hours ago
-
'Cyberattack' shutters Christie's website days before $840M art mega-auction - Going once, going twice, going offline Christie's website remains offline as of Monday after a "technology security issue" shut it down Thursday night – j...10 hours ago
-
How Did Authorities Identify the Alleged Lockbit Boss? - Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the ...18 hours ago
-
Anybody knows that this URL is about? Maybe Balena API request?, (Wed, Feb 7th) - Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I ...3 months ago
-
Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool - BestEDROfTheMarket is a naive user-mode EDR (Endpoint Detection and Response) tool designed to serve as a testing ground4 months ago
-
My Last Email with W. Richard Stevens - In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book *TCP/IP Illustrated, Volume 1: The Protocols* by W. Richard Stevens...
10 months ago -
Comic for March 12, 2023 - Dilbert readers - Please visit Dilbert.com to read this feature. Due to changes with our feeds, we are now making this RSS feed a link to Dilbert.com.1 year ago
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities - At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain.1 year ago
-
Vulnerability Summary for the Week of November 29, 2021 - Original release date: December 6, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu50...2 years ago
-
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus - Original release date: December 2, 2021 Summary *This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (AT...2 years ago
-
20 years of CGISecurity: What appsec looked like in the year 2000 - Just realized that 20 years have passed since I started this site to learn more about web security threats. What 'appsec' looked like in 2000 OWASP didn't ...3 years ago
-
Ransomware: Why one city chose to the pay the ransom after falling victim - Posted by InfoSec News on Aug 12 https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/ By Danny Palmer Z...3 years ago
-
What the newly released Checkra1n jailbreak means for iDevice security - There are reasons to embrace it. There are reasons to be wary of it. Here's the breakdown.4 years ago
-
Privacy and Mobile Device Apps - Original release date: July 9, 2019 | Last revised: November 15, 2019 What are the risks associated with mobile device apps? Applications (apps) on your sm...4 years ago
-
44CON 2018 - 12th-14th September, London (UK) - Posted by Steve on Feb 28 44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training on the 1...6 years ago
-
Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability - Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the leng...6 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...7 years ago
-
vTech – ignorance is no defence (and neither are weasel words) - This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The cha...8 years ago
-
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence - The U.S. Justice Dept. said it was "looking into the issues" raised by an Reuters story, that one of its law enforcement agencies collaborated with the NSA...10 years ago
-
-
-
-
-
-
-
-
-
Posts
No comments:
Post a Comment