Items Tagged with "Vulnerabilities"


03b2ceb73723f8b53cd533e4fba898ee

Group-IB found a new zero-day vulnerability in Adobe products

November 11, 2012 Added by:Pierluigi Paganini

Once again the discovery comes from Russia, its a analysts are demonstrating great capabilities in investigations, the forensics firm Group-IB, the same that provided information on cybercrime activities in Russia in last months, has discovered the availability of a new exploit sold in the underground...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Advanced Penetration Testing for Highly Secured Environments: The Ultimate Security Guide

October 31, 2012 Added by:Dan Dieterle

What information is being broadcast by your computers, company, or employees, that don’t show up in a software scan? Many companies think that if they just run a vulnerability scan and it passes that they are good, but is this an accurate test of your network security?

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Moving From Poisoning the Ocean to Poisoning the Watering Hole

October 29, 2012 Added by:Fergal Glynn

Using the watering hole analogy, if you are the owner of a location where people congregate to drink you need to keep the beverages safe and clean. Unfortunately digital safety is decades behind food safety. If you own a website you need to understand what SQL Injection and XSS are...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Why Patch Management is Vital to Your Business Network Security

October 22, 2012 Added by:Dan Dieterle

Patch management systems enable you to maintain full control of your systems’ patching activities. You can deploy security patches to test machines, and then push them out to all the rest of your machines, and also run reports to ensure that you have 100% compliance across all servers and workstations...

Comments  (15)

54a9b7b662bfb0f0445d1661d7ed180b

Cyber Threats to Democracy?

October 18, 2012 Added by:Jayson Wylie

I highly encourage anyone to look into the current mechanisms which count the people’s vote state-by-state, but even more I encourage the security industry and public to voice outrage for not putting security first in our sacred democratic election process...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Advice Regarding Recent Java Vulnerabilities

October 17, 2012 Added by:Fergal Glynn

By now, our readers have undoubtedly seen the buzz about a serious security vulnerability in Oracle Java, with corresponding exploit code making its way around in the form of active, in-the-wild attack campaigns, as well as penetration testing tools...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Brittle Systems - Unmasking Enterprise Security's Quiet Danger

October 13, 2012 Added by:Rafal Los

Besides all the obvious security vulnerabilities in your enterprise there is an even bigger problem lurking just below the water. At that intersection between critical system and security vulnerability is something many IT professionals acknowledge as the big pink elephant in the room - the "brittle system"...

Comments  (0)

03b2ceb73723f8b53cd533e4fba898ee

GAO Invites FDA to Improve Information Security for Medical Devices

October 08, 2012 Added by:Pierluigi Paganini

In the last decade the number of cyber incidents related to technologies that surround us is growth exponentially, the principal concerns are related to all those objects with an "intelligent component" that we daily use expose on internet for different purposes...

Comments  (5)

F63d0b2876c57f0bb53f053dd6b7b747

MS08-067 Celebrates Another Birthday

October 04, 2012 Added by:Jeremy Sobeck

As a Penetration Tester, this vulnerability is sought out because it is highly reliable and very low risk. As an attacker, the fact is the attack still works. The vulnerability was widely used in conjunction with the Conficker worm, which affected more than 9 to 15 million systems...

Comments  (0)

0a8cae998f9c51e3b3c0ccbaddf521aa

Java in the Cross-Hairs of Enterprise Security

September 26, 2012 Added by:Rafal Los

Enterprises seem to have a love-hate relationship with Java. It's a client we aren't thrilled with, but when it comes to cross-platform use there aren't really any other alternatives. If you look around you'll find that many of the security platforms are written in what? Java...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Video: Do I Have to Secure All My Applications?

September 24, 2012

Attackers take advantage of any externally facing web application. If you think about a web application is not mission because it’s not touching data and if there is a SQL Injection vulnerability that exists in there attackers can use that to gain a foothold inside the network...

Comments  (0)

7366c113eb2ccd38f6bbcbd5d52a6bec

How to PWN Systems Through Group Policy Preferences

September 20, 2012 Added by:Jeff McCutchan

All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...

Comments  (0)

0356a83ecb15c8e33b00560d7bebe47f

Some Simple Definitions for Risk and Security Discussions

September 19, 2012 Added by:Stephen Marchewitz

Every time I read something regarding the core terminology in security and risk management, I start to question whether they really know what they’re talking about. Even worse, some speak with so many words and such arrogance, I start question whether I know what I’m talking about...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Microsoft BlueHat: Five Questions with Katie Moussouris

September 12, 2012 Added by:Fergal Glynn

One of the big stories from this year’s BlackHat conference was Microsoft’s inaugural BlueHat contest which challenged researchers to design a novel runtime mitigation technology designed to prevent the exploitation of memory safety vulnerabilities. Katie Moussouris discusses...

Comments  (0)

32137b352537f11c1efe063869f00e0e

Java, Flash, and the Choice of Usability Over Security

September 10, 2012 Added by:Le Grecs

Convenience vs. Security: My goal of not installing Flash and Java on a new system didn't last more than a few hours. Yet, as infosec professionals, following the disable unnecessary services philosophy, we advise not installing these types of applications for security reasons...

Comments  (0)

099757b145caa6965ea51494adbc25ba

How to Secure Windows 2000... For a Limited Time

September 07, 2012 Added by:Drayton Graham

A number of organizations are still using Windows 2000. It is up to the organization to determine the acceptable risk for continued use of Windows 2000-based systems. If Windows 2000 is a necessity at this time within your environment, here are some security techniques you can implement...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »