[USN-1709-1] OpenStack Nova vulnerability
Ubuntu Security Notice USN-1709-1, January 29, 2013: nova vulnerability. A security issue affects these releases of Ubuntu and its derivatives: - Ubun...
More on Cybersecurity
For more information on targeted attacks, cyberwarfare and cyberespionage: Experts Say CEOs Need to Get Handle on Cyberespionage Problem Red October Attackers Shutting Down C&C Infrastructure Howard Schmidt Answered the Bell A Podcast with Howard Schmidt An Interview with Eugene Kaspersky...
[SECURITY] Fedora 16 Update: proftpd-1.3.4b-5.fc16
ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...
USN-1709-1: OpenStack Nova vulnerability
Phil Day discovered that nova-volume did not validate access to volumes. An authenticated attacker could exploit this to bypass intended access controls and boot from arbitrary volumes...
Pentagon Plans Massive Increase in Cybersecurity Teams
As the Senate pushes for legislation to improve information-sharing on threats and attacks and President Barack Obama prepares to issue an executive order on cybersecurity, the Department of Defense is looking for a massive increase in the number of trained cybersecurity personnel helping to defe...
[SECURITY] Fedora 18 Update: zabbix-2.0.4-3.fc18
Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...
DHS Secretary Warns of Potential Cyber Attacks
There is no shortage of problems for President Obama and the new Congress to tackle as they settle into their offices in Washington, D.C., this week, and one of the topics that’s at the top of that list is cybersecurity. Earlier this week a group of Democratic senators introduced a new...
Senate Introduces Cybersecurity Bill that Prioritizes Information Sharing
The United States Senate says it will prioritize the passage of a comprehensive cybersecurity bill designed to fortify the nation’s public and private IT systems in this session of Congress. Senators John D. Rockefeller IV (D-WV), Chairman of the Senate Commerce, Science, and Transportation...
VMware Horizon View SEoL
According to its version, the installation of VMware Horizon View (formerly known as VMware View Server and VMware Virtual Desktop Infrastructure) on the remote host is no longer supported. Lack of support implies that no new security patches for the product will be released by the vendor. As a...
Avoid the Landmine That is Hacking Back
Rarely a day goes by without mention of a targeted attack against some government-related website, massive disruptions in online banking services, or critical vulnerabilities in specialized software running our power plants and water supplies. And all the while, IT and security organizations have...
Trimble Infrastructure GNSS cross-site scripting
Web interface cross-site scripting...
Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting (XSS) vulnerability
Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting (XSS) vulnerability: - CVE: CVE-2012-5053 - Deloitte Argentina Advisory Code: DTTAR-20130001 - Vendor Status: CONFIRMED - Public Disclosure Date: January, 15th, 2013. - Vendors Affected: Trimble - http://www.trimble.com/ - Systems...
Red October Attackers Shutting Down C&C Infrastructure
It appears that the attackers behind the Red October cyberespionage campaign are taking their ball and going home. Since the attack came to light on Monday, the attackers have begun shutting down their infrastructure and the hosting providers and registrars involved with some of the...
Researchers Deconstruct Pobelka Botnet
How many inconspicuous botnets are alive and siphoning banking credentials and real money from online accounts that get little to no attention? They feast on unwitting consumers using an array of available banking Trojans to steal legitimate log-in information and sell it to the highest bidder,...
Event ID 10378 in the Operations Manager Event Log on Collector
Challenge: The Operations Manager Event Log on the Collector server contains the following warning: ID 10378 "Module was unable to convert WMI setting .\timestamp". Event IDs 1103 and 4506 may also be observed. Cause: The root cause is currently being investigated by Microsoft. This article will be updated afte...
Design/Logic Flaw
Unspecified vulnerability in the Siebel CRM component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect availability via unknown vectors related to Siebel Core - Server Infrastructure...
CVE-2012-3168
CVE-2012-3168 affects Oracle Siebel CRM 8.1.1 and 8.2.2, specifically the Siebel Core - Server Infrastructure (with related components under Siebel CRM). The Nessus entry indicates an easily exploitable vulnerability allowing unauthenticated network attacks via HTTP that can result in a partial d...
Malware Infects Two Power Plants Lacking Basic Security Controls
During the past three months, unnamed malware infected two power plants’ control systems using unprotected USB drives as an attack vector. At both companies, a lack of basic security controls made it much easier for the malicious code to reach critical networks. In one instance, according to a...
Shodan Search Engine Project Enumerates Internet-Facing Critical Infrastructure Devices
Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget. That’s mostly what comprises the arsenal of two critical infrastructure protection specialists who have spent close to nine months trying to paint a picture of the number of Internet-facin...