Alerts
7:02 PM (11 hours ago)
Canada Calling, (Fri, Feb 13th)
from SANS Internet Storm Center, InfoCON: green
A reader wrote in to ask about the uptick in port 5060 activity (visible here: isc.sans ...(more)...
Security News
Feb 12, 2009 (2 days ago)
Paraskavedekatriaphobia and something I haven't found a word for, (Fri, Feb 13th)
from SANS Internet Storm Center, InfoCON: green
Today is Friday the 13th, and also the day when we reach the symbolic 1234567890th second of Unix ti ...(more)...
Feb 13, 2009 (yesterday)
Third party information on conficker, (Fri, Feb 13th)
from SANS Internet Storm Center, InfoCON: green
(This will be updated as more information becomes public) In an effort to provde YOU the enduser t ...(more)...
Feb 12, 2009 (2 days ago)
We want your logs, obfuscated even., (Fri, Feb 13th)
from SANS Internet Storm Center, InfoCON: green
We always have a banner up on the webpage that says We want your logs or How to su ...(more)...
12:56 AM (6 hours ago)
Defacement archive Zone-h gets defaced
from CGISecurity - Website and Application Security News by Robert A.
"Defacement archive Zone-h.org has itself been defaced. The hack - claimed in the names of Cyber-Terrorist, HeLL cYbEr, and Jurm - involved posting a link to a YouTube video and dancing babies on the site's altered home page. The Arab language video, featuring an ad promoting nappies, replaced the site's usual...
12:56 AM (6 hours ago)
Security Vendor Kasperky Hacked Via SQL Injection
from CGISecurity - Website and Application Security News by Robert A.
A security lapse at Kaspersky has exposed a wealth of proprietary information about the anti-virus provider's products and customers, according to a blogger, who posted screen shots and other details that appeared to substantiate the claims. In a posting made Saturday, the hacker claimed a simple SQL injection gave access to...
12:56 AM (6 hours ago)
PHP filesystem attack vectors
from CGISecurity - Website and Application Security News by Robert A.
ascii writes"On Apr 07, 2008 I spoke with Kuza55 and Wisec about an attack I found some time before that was a new attack vector for filesystem functions (fopen, (includerequire)[_once]?, file_(putget)_contents, etc) for the PHP language. It was a path normalization issue and I asked them to keep it “secret” [4],...
Feb 13, 2009 (16 hours ago)
Twitter attack exposes awesome power of clickjacking
from The Register - Security
Hard to stop, harder to resist
A worm that forced a wave of people to unintentionally broadcast messages on microblogging site Twitter shows the potential of a vulnerability known as clickjacking to dupe large numbers of internet users into installing malware or visiting malicious pages without any clue they're being attacked.…
Feb 13, 2009 (17 hours ago)
Defacement archive Zone-h gets defaced
from The Register - Security
Web graffiti attack harks back to age of innocence
Defacement archive Zone-h.org has itself been defaced.…
Feb 13, 2009 (18 hours ago)
Kaspersky breach: No user info lifted, auditor confirms
from The Register - Security
But data was exposed
No customer information was accessed during last weekend's breach of a Kaspersky website, an independent auditor has concluded, confirming the results of an internal investigation conducted earlier by members of the anti-virus firm.…
Feb 13, 2009 (19 hours ago)
Wanna see how to use Win 7 UAC to pwn a PC?
from The Register - Security
Just press play...
White hat hackers have created a proof of concept demo illustrating how improved User Account Control (UAC) features in Windows 7 might be completely bypassed.…
Feb 13, 2009 (22 hours ago)
Serial security hackers hit F-secure
from The Register - Security
Sequel SQL assault
F-Secure admitted on Thursday that it had been hit by the same Romanian group that previously hit Kaspersky Lab and Bitdefender's reseller-run Portugese website over recent days.…
Feb 13, 2009 (yesterday)
McAfee sales strong despite recession
from The Register - Security
Security firm rides out economic storm
McAfee bucked the trend of poor financial news from the IT industry by posting strong results that exceeded analyst expectations on Thursday.…
Feb 13, 2009 (yesterday)
Microsoft Offers $250K Bounty for Conficker Author
from Darknet - The Darkside by Darknet
We did mention Conficker when it broke out back in January causing one of the largest scale infections ever seen (an estimated 9 million machines in just a few months). The latest news is that Microsoft are offering a bounty to catch the author of the malware, we have seen this back in 2003/4 (The Anti-virus [...]Read the full post at darknet.org.uk
Feb 13, 2009 (20 hours ago)
News: Cabal forms to fight Conficker, offers bounty
from SecurityFocus News
Cabal forms to fight Conficker, offers bounty
Feb 13, 2009 (15 hours ago)
Brief: Online thieves nab employee info from FAA
from SecurityFocus News
Online thieves nab employee info from FAA
Feb 13, 2009 (14 hours ago)
Why Google's Software Update Tool Is Evil
from Wired Top Stories by Scott Gilbertson
When Google Earth 5 was released last week, the Mac OS X version of the free desktop application came with an auto-updater that was installed on users' machines. The update tool runs in the background and can't be easily disabled — a tactic other software makers have long known is a huge no-no, and one some users are hopping mad about.
Feb 13, 2009 (18 hours ago)
With Global Effort, a New Type of Worm Is Slowed
from PC World Latest Technology News
There have been big computer worm outbreaks before, but nothing quite like Conficker
Subscribe to:
Post Comments (Atom)
My Blog List
-
-
China, Iran are having a field day with React2Shell, Google warns - Who hasn't exploited this max-severity flaw? At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attackin...5 hours ago
-
Microsoft Patch Tuesday, December 2025 Edition - Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 ...6 days ago
-
We have achieved FreeBSD 15.0-REL with KDE Plasma - Houston, we have installed #FreeBSD 15.0-REL with KDE Plasma 6.4.5 on a Lenovo ThinkPad X1 Carbon Gen 6 laptop. I have come full circle. I used to dail...
2 weeks ago -
Systemic Ransomware Events in 2025 – How Jaguar Land Rover Showed What a Category 3 Supply Chain Breach Looks Like - Systemic ransomware events in 2025, how Jaguar Land Rover’s shutdown exposed Category 3 supply chain risk, with lessons from Toyota, Nissan and Ferrari.2 weeks ago
-
Today's NYT Mini Crossword Answers for Tuesday, Oct. 7 - Here are the answers for The New York Times Mini Crossword for Oct. 7.
2 months ago -
Today's NYT Mini Crossword Answers for Tuesday, Oct. 7 - Here are the answers for The New York Times Mini Crossword for Oct. 7.
2 months ago
-
Announcing SecTemplates.com release #6: Security Partner Program Pack v1 - I have built several security partner programs at companies such as Box Inc. and Coinbase, with over 8 years of experience leading them. I have consistentl...6 months ago
-
Anybody knows that this URL is about? Maybe Balena API request?, (Wed, Feb 7th) - Yesterday, I noticed a new URL in our honeypots: /v5/device/heartbeat. But I have no idea what this URL may be associated with. Based on some googleing, I ...1 year ago
-
Comic for March 12, 2023 - Dilbert readers - Please visit Dilbert.com to read this feature. Due to changes with our feeds, we are now making this RSS feed a link to Dilbert.com.2 years ago
-
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities - At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain.2 years ago
-
Vulnerability Summary for the Week of November 29, 2021 - Original release date: December 6, 2021 High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info abb -- rtu50...4 years ago
-
AA21-336A: APT Actors Exploiting CVE-2021-44077 in Zoho ManageEngine ServiceDesk Plus - Original release date: December 2, 2021 Summary *This joint Cybersecurity Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (AT...4 years ago
-
Ransomware: Why one city chose to the pay the ransom after falling victim - Posted by InfoSec News on Aug 12 https://www.zdnet.com/article/ransomware-why-one-city-chose-to-the-pay-the-ransom-after-falling-victim/ By Danny Palmer Z...5 years ago
-
What the newly released Checkra1n jailbreak means for iDevice security - There are reasons to embrace it. There are reasons to be wary of it. Here's the breakdown.6 years ago
-
Privacy and Mobile Device Apps - Original release date: July 9, 2019 | Last revised: November 15, 2019 What are the risks associated with mobile device apps? Applications (apps) on your sm...6 years ago
-
44CON 2018 - 12th-14th September, London (UK) - Posted by Steve on Feb 28 44CON 2018 is the UK's best annual Security Conference and Training event. The conference spans 2.5 days with training on the 1...7 years ago
-
Cryptopp Crypto++ 5.6.4 octets Remote Code Execution Vulnerability - Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the leng...8 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...8 years ago
-
vTech – ignorance is no defence (and neither are weasel words) - This morning, Troy Hunt published a blog post alerting to a recent change in the Terms & Conditions published by children’s toy manufacturer vTech. The cha...9 years ago
-
DOJ probing claims U.S. drug agency 'collaborated' with NSA on intelligence - The U.S. Justice Dept. said it was "looking into the issues" raised by an Reuters story, that one of its law enforcement agencies collaborated with the NSA...12 years ago
-
-
-
-
-
-
-
-
-
Posts
No comments:
Post a Comment