GAO Calls out the FDIC

It’s not always malicious hackers and purported state actors that expose weaknesses in government systems. Sometime it’s other government agencies as well. This was the case when federal watchdog, the Government Accountability Office, audited and subsequently called out the Federal Deposit...

NYT: When Hackers Strike, Small Business Owners Hit Hard

Independent business owners may find themselves deep in debt after hackers wipe out their bank accounts, with banks reluctant to recoup losses caused by online attacks, according to a report in the New York Times. The article, in the Thursday edition of the Times, details several so-called...

Employee Sends Medicaid Info of 228K To His Yahoo! Account

A South Carolina man was arrested yesterday on charges stemming from a data breach that may have leaked personal information on more than 200,000 Medicaid beneficiaries in the state, including their names, phone numbers, addresses, birth dates and Medicare ID numbers according to a report in the...

Utah Data Breach of 181,000 Records Blamed on Configuration Error

Nearly 200,000 people who receive benefits from the Medicaid and Child Health Insurance Plan in Utah have had their personal information–including Social Security numbers in some cases–compromised as part of an intrusion on the network at the Utah Department of Technology Services. The 181,000...

用友ICC网站客服系统远程代码执行漏洞

简要描述： 全部采用用友ICC客服系统,上线前没有做严格测试!导致漏洞产生!全部可以获得管理权限! 网络游戏 盛大网络 光通娱乐 在线销售 麦考林 母婴之家 教育 威迅教育 中锐留学 汽车 广州本田 永达汽车 物流 顺丰速运 申通快递 保险 太平洋保险 PICC中国人保 软件/互联网 金山软件 政府 上海公共研发平台 金融 中国银联 环迅电子商务有限公司 IFX 大成基金 东亚银行 运营商 中国电信 中国联通 安徽电信 西藏电信 行业资讯平台 泡泡网 中国汽车网 中国塑料网 网易163 零售卖场 苏宁电器 详细说明： 以下网站客服系统全部采用用友ICC客服系统 网络游戏 盛大网络 光通娱...

Corporate fraud vs Anonymous Analytics Group

Corporate fraud vs Anonymous Analytics Group A new financial research group, Anonymous Analytics has released a report accusing Chinese firm Chaoda Modern Agriculture of "11 years of deceit and corporate fraud". The company is one of China's largest fruit and vegetable suppliers. A faction within...

House GOP Task Force Favors Private Incentives, Fewer Regulations for Cybersecurity

A House GOP task force called on Congress this week to adopt voluntary incentives – rather than federal requirements – to get private companies to further develop their cyber security. The GOP proposes a combination of tax credits, grants, insurance and rules set by non-regulatory agencies as a w...

Sony Hiring Information Security Engineers & Facebook Hire George Hotz

Sony Hiring Information Security Engineers After 14 Hacks, Finally Sony open job recruitment for "Sr Application Security Analyst ". Sony Estimates 171 Million Dollar Loss due to PSN Hack. Also Sony CEO sorry for PSN hack, offers data theft insurance. Social network Facebook has hired a computer...

U.S. Dept. Of Commerce Calls For Online Code Of Business Conduct

The Department of Commerce’s Internet Policy Task Force released a proposal Wednesday calling for a voluntary code of conduct for companies that do business online. The Report, titled Cybersecurity, Innovation and the Internet Economy, calls for a private-public partnership to promote best securi...

Sony Apologizes, Offers $1 Million Insurance After Hacking !

Sony Corp. 6758 Chairman Howard Stringer apologized and offered U.S. customers of PlayStation Network and Qriocity online entertainment services a year of free identity- theft protection after the system was crippled by hackers. Japan's biggest consumer-electronics exporter will offer a $1 millio...

Windows Servers Hacked at The Hartford Insurance Company !

Hackers have broken into The Hartford insurance company and installed password-stealing programs on several of the company's Windows servers. In a warning letter sent last month to about 300 employees, contractors, and a handful of customers, the company said it discovered the infection in late...

162 Websites Defaced by Urdu hack

162 Websites Defaced by Urdu hack Websites : BEST-DUI-DEFENSE-ATTORNEYS.INFO CAR-INJURY-CLAIM.INFO CHARTER-A-JET.INFO CHEAP-CARINSURANCEQUOTATION.INFO CHEAP-LIFEASSURANCE-QUOTE.INFO CHEAP-SECUREDLOANS.INFO CHEAPCARIBBEANPACKAGES.INFO CHEAPWEBCONFERENCING.INFO CHILDMOLESTATIONLAWYER.INFO...

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability (CVE-2010-2750)

VUPEN Security Research - Microsoft Office Word Document Array Indexing Vulnerability CVE-2010-2750 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- Microsoft Office Word, included in the Microsoft Office suite, is a powerful authoring program that gives the ability t...

Zurich Insurance Fined Millions in UK

The UK operation of Zurich Insurance has been fined £2.27m by the Financial Services Authority FSA for losing personal details of 46,000 customers. It is the highest fine levied on a single firm for data security failings. Read the full article. BBC News...

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities

VUPEN Security Research - Winamp Player FLV Data Processing Multiple Overflow Vulnerabilities http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Winamp is a proprietary media player for Windows-based PCs, written by Nullsoft, now a subsidiary of AOL. It is...

A Closer Look At Security Insurance

An inside look at a California-based engineering company defrauded by an online banking Trojan, automated clearing house transfers, East-coast based money mules, yet the company was holding a cybersecurity insurance policy and looks to recover all of its stolen funds. Read the full article...

VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability (CVE-2010-1392)

VUPEN Security Research - Apple Safari WebKit HTML Button Use-after-free Vulnerability CVE-2010-1392 http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Safari is a web browser developed by Apple. As of February 2010, Safari was the fourth most widely used browser, with...

Platnik SQL Injection

Exploit Title: PLATNIK - SQL Injection Vulnerability Discovered by: podatnik386 Description: PLATNIK is the official Polish program to support documents for the Social Insurance Company pl. ZUS. The application includes several fields that are vulnerable to sql injection. Vulnerable version:...

AVCON 4.6.8.7 Buffer Overflow

!/usr/bin/perl Exploit Title: AVCON Buffer Overflow Date: 5/7/10 Author: Dillon Beresford URL: http://www.avcon.com.cn/ Version: 4.6.8.7 Tested on: XP SP2 and SP3 CVE : NONE Code : exploit.pl Twitter: http://twitter.com/D1N Dork: site:gov.cn "AVCON" There are other bugs... This is just for fun ;-...

AVCON Buffer Overflow

Exploit for windows platform in category local exploits ===================== AVCON Buffer Overflow ===================== !/usr/bin/perl Exploit Title: AVCON Buffer Overflow Date: 5/7/10 Author: Dillon Beresford URL: http://www.avcon.com.cn/ Version: 4.6.8.7 Tested on: XP SP2 and SP3 CVE : NONE...