A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure

In recent weeks several zero-day vulnerabilities have been publicly disclosed. The details of these vulnerabilities were not shared with Microsoft prior to release, and the disclosures put our customers at unnecessary risk...

JBS Paid $11M to REvil Gang Even After Restoring Operations

JBS Foods paid the equivalent of $11 million in ransom after a cyber-attack that forced the company to shut down some operations in the United States and Australia over the Memorial Day weekend. The company made the payment to cybercriminals to ensure the protection of its data and mitigate any...

“Secure” cloud storage provider exposes customer data in plain-text

By Waqas A "secure" cloud storage provider not so "secure" for customers after all. Here's what happened and how it puts customers at risk. This is a post from HackRead.com Read the original post: "Secure" cloud storage provider exposes customer data in plain-text...

When "Customers" Attack DNS

Be real. A Communications Service Provider's CSP's customer will not use their home to attack the Domain Name System DNS. They might as well unplug from the Internet. Yet, customers get infected, CPEs get violated, and miscreants all over the Internet reflect attacks off CSP customers to attack...

BlackBerry Warns of Z10, PlayBook Security Vulnerabilities

BlackBerry’s security incident response team has issued two advisories warning Z10 smartphone and PlayBook tablet users to upgrade to the latest version of the operating system and software on both platforms. The patches address a remote code-execution vulnerability in the Adobe Flash Player...

The History of the Oracle PLSQL Gateway Flaw

In the past few days Oracle has criticized me for publishing a workaround for a critical flaw in their PLSQL Gateway. This email will show that after 4 years of waiting for Oracle to try to get it right, I eventually decided to take matters into my own hands and provide Oracle customers with more...

SEC-20051125-0.txt

SEC-CONSULT Security Advisory ======================================================================= title: Even More Vulnerabilities in VTiger CRM program: vtiger CRM vulnerable version: 4.2 and earlier homepage: http://www.vtiger.com found: 2005-11-06 by: D. Fabian / SEC-CONSULT /...

SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM

SEC-CONSULT Security Advisory 20051125-0 ======================================================================= title: Even More Vulnerabilities in VTiger CRM program: vtiger CRM vulnerable version: 4.2 and earlier homepage: http://www.vtiger.com found: 2005-11-06 by: D. Fabian / SEC-CONSULT /...