9525 matches found
Cyber threats a major risk to business
When it comes to security, small and midsize businesses are largely unaware of the risks they face. Cybercrime is a serious problem which affects businesses of all sizes and can have devastating consequences. U.S. small businesses should understand they cannot completely remain safe from...
Capitol Hill Rhetoric Takes Aim at Wrong Cybersecurity Targets
Defense secretary Leon Panetta couldn’t resist, could he? He couldn’t fight the urge to dig deep into the information security cliché handbook and yank out that old chestnut about a Cyber Pearl Harbor. Seriously, is there a more cringe-inducing, FUD-filled phrase than Cyber Pearl Harbor? Never mi...
Eugene Kaspersky Unveils Plans for New Secure SCADA OS
Attacks against SCADA and industrial-control systems have become a major concern for private companies as well as government agencies, with executives and officials worried about the potential effects of a major compromise. Security experts in some circles have been warning about the possible...
New Center, Council Aims to Foster Cybersecurity Discussion at a State Level
Hoping to better address the cause and concerns of cyber attacks on a state level, last week the National Governors Association NGA announced the creation of the Resource Center for State Cybersecurity, an initiative set into motion by Governor Martin O’Malley D-Md. and Governor Rick Snyder R-Mic...
CVE-2012-4501 : Critical vulnerability warned in Cloudstack
Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could...
Internet Slows In Iran Following Attacks on Infrastructure, Communication
Hackers interrupted Internet access in various parts of the Islamic Republic of Iran yesterday after attacking a number of the country’s infrastructure and communications companies, a state official told the Reuters news agency. “Yesterday we had a heavy attack against the country’s infrastructur...
Cyber attack on Iran's Internet system Disrupts Iran Internet
IRAN state official has said that Cyber attackers have targeted Iranian infrastructure and communications companies, disrupting the Internet across the country. "Yesterday we had a heavy attack against the country's infrastructure and communications companies which has forced us to limit the...
Sandia Lab's MegaDroid Project Builds Out Massive Android Test Platform
It might sound like a security researcher’s worst nightmare to string together 300,000 virtual instances of the Android OS, but for scientists at Sandia National Laboratories, it’s just another day. The Department of Energy-sponsored national security-focused laboratory released the MegaDroid...
White House Cyberattack Likely Won't Change Anything
So now it’s the White House’s turn. Having taken a swing at just about every other piece of the U.S. government’s network infrastructure, attackers, reportedly based in China, recently targeted a machine on an unclassified network inside the White House Military Office and were able to compromise...
Attack on SCADA Vendor Telvent Raises Concerns
Telvent, the maker of a SCADA product used in a number of critical industries, said that its corporate network has been compromised by attackers and that some of the files used by customers on their own networks were changed. This attack is the latest in what looks to be a series of incidents of...
'Historic' DDoS Attacks Against Major U.S. Banks Continue
PNC Bank appears, as promised, to be the latest victim of hacktivists carrying out denial-of-service attacks against major U.S. financial services institutions. PNC, out of Pittsburgh, joins Wells Fargo, J.P. Morgan Chase & Co. and Bank of America on a list of banks taken offline reportedly by a...
Trend Micro Control Manager 5.5 / 6.0 Blind SQL Injection
!/usr/bin/env python Exploit Title: Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection post-auth Disclosure Date: 09/27/2012 Author: otoy @otoyrood & modpr0be @modpr0be Contact: researchatspentera.com Platform: Windows Tested on: Windows 2003 Standard Edition Software Link:...
Published Threat Intelligence, Not Cybersecurity Laws, Is What's Needed
For several years now, Congress has been wandering around the wilderness, trying to figure out why so much of America’s intellectual property is being sucked into a giant vortex somewhere over Asia and whether they should do something to stop it, like maybe pass a cybersecurity law. They’ve taken...
New FERC Cybersecurity Office Has Lofty Oversight and Outreach Goals
When it comes to cybersecurity and critical infrastructure, there are generally more questions than answers. And for the last 10 months or so, the volume of concern and uncertainty has ramped up, largely because there’s little in the way of productive information sharing on threats, a serious lac...
SSL Digital Certificate Security Issues Put CAs on Notice
It’s been a rough couple of years for the security of fundamental Internet infrastructure technologies such the domain name system DNS, SSL and digital certificates. Hackers are taking aim at these core technologies at the heart of ecommerce and online communication, and are more often than not,...
Solaris 10 (x86) : 126547-10 (deprecated)
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Bash. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris. Successful...
Electromagnetic Pulse Attacks : Are we prepared ?
An electromagnetic pulse EMP attack is a threat few Americans are familiar with, yet one which could easily destroy their lives. What would you do if your electricity suddenly went out and didn't come back on for months or even years? How long would you last with the food in your pantry, the...
Google Adds Online Malware Scanner VirusTotal To Security Lineup
Google made a significant addition to its security lineup Friday with its acquisition of online malware scanning service VirusTotal. Experts say the malware intelligence Google will have at its disposal would enhance not only existing products and services, but will backbone site safety rankings...
Hard-Coded Password Leaves GarrettCom Switches Open to Attack, ICS-CERT Warns
The Department of Homeland Security is warning users of some of GarrettCom’s switches that there is a hard-coded password in a default account on the devices, which are deployed in a number of critical infrastructure industries, that could allow an attacker to take control of them. A researcher a...
Iran still on target of 'Mahdi' malware after detection
In JULY Kaspersky Lab and Seculert revealed the presence of a new cyber-espionage weapon known targeting users in the Middle East. Despite the recent uncovering of the 'Madhi' malware that has infected several hundred computers in the Middle East, researchers say the virus is continuing to spread...