4662 matches found
PGP Website - Multiple Cross Site Scripting Vulnerabilities
Document Title: =============== PGP Website - Multiple Cross Site Scripting Vulnerabilities Release Date: ============= 2011-07-16 Vulnerability Laboratory ID VL-ID: ==================================== 95 Product & Service Introduction: =============================== PGP Corporation is a global...
Morgan Stanley Smith Barney Breach Loses Information of 34,000
Retail brokerage Morgan Stanley Smith Barney MSSB has notified 34,000 investment clients that some of their data has been lost, including their names, addresses, social security numbers, tax identification numbers and investment income from 2010, according to a report on the Dow Jones newswires...
U.S. Playing Catch Up in Security for Contactless Devices
AMHERST, MASS.– The U.S. may boast the world’s largest economy, richest technology companies and a lion’s share of its top research universities. But when it comes to the subject of security of RFID Radio Frequency ID and other contactless technologies, America is still playing catch-up. The U.S....
Mobile Security – Users Just Don't Care
It’s not that users “don’t want to keep their data safe”. They do. Most corporate users don’t want their personal or corporate, private information, available to someone else. They don’t want their email stolen or their contacts pillaged. So why do people insist on ignoring the multitude of...
CitiBank hacked & large number of customer data stolen
CitiBank hacked & large number of customer data stolen Security breaches happen, they're going to continue to happen … the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments Citigroup said today that hacke...
Trinity College Dublin Reports Data breach !
Trinity College Dublin Reports Data breach ! A file containing the names of students and staff of Trinity College Dublin, along with their addresses, ID numbers and email addresses, was "inadvertently" made accessible on a local network, the college said. TCD said today it had reported the incide...
Barracuda Networks Hacking via SQL Injection !
Barracuda Networks Hacking via SQL Injection ! Barracuda Networks Inc. combines premises-based gateways and software, virtual appliances, cloud services, and sophisticated remote support to deliver comprehensive content security, data protection and application delivery solutions. The company's...
EMC Data Protection Advisor Collector for Solaris SPARC不安全文件权限漏洞
Bugtraq ID: 47036 CVE ID:CVE-2011-1420 EMC Data Protection Advisor Collector是一款数据备份报告工具。 Solaris SPARC平台下的EMC Data Protection Advisor Collector不正确设置文件权限,本地攻击者可以利用漏洞以目标用户安全上下文执行任意代码,可导致特权提升。 EMC Data Protection Advisor Collector for Solaris SPARC 5.7.1 EMC Data Protection Advisor Collector for...
CVE-2011-1420
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
Code injection
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
CVE-2011-1420
EMC Data Protection Advisor Collector 5.7 and 5.7.1 on Solaris SPARC platforms uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors...
CVE-2011-1420
EMC Data Protection Advisor Collector for Solaris SPARC (version 5.7 and 5.7.1) contains incorrect/weak file permissions that allow a local attacker to execute code with elevated privileges. Affected builds 5.7 and 5.7.1 require Patch/DPA-8873; EMC notes that Build 5833 for both 5.7 and 5.7.1 res...
EMC Data Protection Advisor Collector weak security permissions
Weak permissions for executable files...
ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-010: EMC Data Protection Advisor Collector arbitrary code execution with elevated privileges vulnerability EMC Identifier: ESA-2011-010 CVE Identifier: CVE-2011-1420 Severity Rating: CVSS v2 Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Affected...
Device-Level Encryption Comes to Android
As attacks on mobile devices such as iPhones, iPads, Android phones and tablets have surged in recent months, security researchers and customers have continued to look for ways to lock down their devices and protect the data they store on them. Whisper Systems has jumped into the fray with...
IRS Security Holes Put Taxpayer Data At Risk
With the deadline for filing U.S. tax returns fast approaching, the U.S. Government’s watchdog agency warns that the Internal Revenue Service still hasn’t implemented steps to secure its IT infrastructure and protect taxpayers’ financial data. The U.S. Government Accountability Office GAO issued ...
Compliance and the Cloud
"The Cloud" is a hot topic right now. Yet most people cant even define what "the cloud" really is. As I talk to more companies, who are considering the move, they all have two main concerns: security and compliance. Of course, security and compliance are key when it comes to cloud computing, but...
Dorset HealthCare University NHS Foundation Trust website Hacked !
HACKERS brought down a website for a health trust serving 700,000 NHS patients in Dorset. The attack, which disabled the site over the weekend, blocked access to the Dorset HealthCare University NHS Foundation Trust website. The trust provides treatment for mental health issues, addiction,...
Experts Agree: No Easy Fix For Mobile Security
SAN FRANCISCO — Mobile phones, tablet PCs and other new technologies are poised to take over the workplace, but organizations that hope to secure them before they do so face an uphill battle, according to a symposium on mobile security. Experts at the half day mobile security event on Monday warn...
Spanish Police Arrest Alleged Nintendo Hacker !
Spanish police say they've arrested a hacker who threatened to go public with personal information he found in a Nintendo database on about 4,000 of the company's users. Nintendo's Spanish division, Nintendo Ibérica, was approached by the hacker, who was seeking to blackmail the company, Spain's...