Smartphones cache poses huge risk for Cloud Storage Security
A couple of years ago, the tech world was abuzz about the cloud. Cloud computing refers to computing where the processing or storage takes place on a networked series of computers rather than on the device that you're using. Whether you're using a PC, laptop, tablet, smartphone, television, or...
Web Cookbook - Multiple SQL Injection Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Web Cookbook Multiple SQL Injection Date: 2013/3/12 Exploit Author: Saadat Ullah , email protected Software Link: http://sourceforge.net/projects/webcookbook/ Author HomePage: http://security-geeks.blogspot.com/ Tested on: Serve...
HP LaserJet Professional printer telnet debug shell vulnerability
Overview Certain HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized access to data. Description Certain HP LaserJet Professional printers contain a telnet debug shell which could allow a remote attacker to gain unauthorized acce...
Researchers grab cryptographic keys from Frozen Android Phones
Using a new attack on the most popular Android phone platforms, a team of researchers in Germany managed to grab stored cryptographic keys if the device is kept in a frozen state for an hour. The method is able to bypass Google’s data scrambling encryption system introduced in Android 4.0 Ice Cream Sandwi...
Evernote hacked, reset your password Now !
Cloud note-taking service Evernote has been hacked and now you have to reset your password immediately. According to a post on the official Evernote blog, an unidentified attacker compromised the servers and extracted usernames, email addresses, and passwords. "Evernote's Operations & Security team...
Windows 8 App Store Access
Binary data 6676.prm...
'Terrific Employee' Fired After Losing USB Drive Containing Medical Records
A Maine-based company announced Thursday it fired an otherwise exemplary employee who downloaded medical data onto a jump drive and then lost the device while traveling between Salt Lake City, Denver and Washington, D.C. The unidentified woman’s termination follows yesterday’s disclosure of a data...
University of Michigan Health Systems Admits Patient Data Stolen
UPDATE – Some 4,000 University of Michigan Health Systems patients had their medical data compromised last month when a vendor’s laptop containing medication log files was stolen from a vehicle. That medication management provider, Mountain View, Calif.-based Omnicell, admits it violated both its...
Design/Logic Flaw
Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file...
CVE-2012-4693
CVE-2012-4693 affects Invensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite, which store passwords in Ps_security.ini using a weak, reversible encryption. The vulnerability allows a local attacker with read access to Ps_security.ini to decrypt usernames and passwords and potent...
Cisco VoIP phone vulnerability allow eavesdropping remotely
Cui, a fifth-year grad student from the Columbia University Intrusion Detection Systems Lab and co-founder of Red Balloon Security, has demonstrated an attack on common Cisco-branded Voice over IP (VoIP) phones that could easily eavesdrop on private conversations remotely. The vulnerability Cui...
CVE-2012-2455
The CVE concerns Advanced Productivity Software DTE Axiom before 12.3.3, where registration ID validation is missing, allowing remote attackers to bypass authentication and read or modify data about users, customers, and projects via unspecified vectors. Root cause is lack of registration ID vali...
Windows 8 Security flaw : Logon Passwords Stores in Plain Text
Windows 8 is the first operating system from Microsoft to support alternative non-biometric authentication mechanisms such as Picture Password and PIN. A vulnerability was discovered by a password security vendor, "Passcape", in Microsoft's Windows 8 operating system: it saves a log on password i...
Mac OS X v10.6.8 Multiple Vulnerabilities (2012-004)
This host is missing an important security update according to Mac OS X 10.6.8 Update/Mac OS X Security Update 2012-004. OpenVAS Vulnerability Test $Id: gbmacosxsu12-004.nasl 6521 2017-07-04 14:51:10Z cfischer $ Mac OS X v10.6.8 Multiple Vulnerabilities 2012-004 Authors: Madhuri D Copyright:...
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004
OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 are now available and address the following: Apache Available for: Mac OS X...
Mac OS X 10.7.x < 10.7.5 Multiple Vulnerabilities (BEAST)
The remote host is running a version of Mac OS X 10.7.x that is prior to 10.7.5. The newer version contains multiple security-related fixes for the following components : - Apache - BIND - CoreText - Data Security - ImageIO - Installer - International Components for Unicode - Kernel - Mail - PHP ...
Mac OS X Multiple Vulnerabilities (Security Update 2012-004) (BEAST)
The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-004 applied. This update contains multiple security-related fixes for the following components : - Apache - Data Security - DirectoryService - ImageIO - International Components for Unicode - Mail - PHP ...
Mac OS X 10.8.x < 10.8.2 Multiple Vulnerabilities
The remote host is running a version of Mac OS X 10.8.x that is prior to 10.8.2. The newer version contains multiple security-related fixes for the following components : - BIND - Data Security - LoginWindow - Mobile Accounts - PHP %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Info of 55K Patients Stolen from Indianapolis Cancer Practice
The Cancer Care Group, an oncology practice based in Indianapolis, claims it will improve its storage and data security practices going forward after a laptop containing the sensitive information of about 55,000 of its patients was stolen last month. The laptop, which contained backup media from...