2351 matches found
Apple iOS < 4.2.10 / 4.3.x < 4.3.5 Data Security Certificate Verification
Android Passwords are stored in plain text on Disk
An Android user complained, via a message on an Android discussion board, that all passwords are stored in plain text on disk. He said "The password for email accounts is stored into the SQLite DB which in turn stores it on the phone's file system i...
Lady Gaga Website The Latest in String of Celebrity Hacks
A collective of hackers known as SwagSec claims to have broken into the UK website of Lady Gaga and made off with information on thousands of registered fans, according to a report from the UK’s Mirror. The hack, just the latest in a string of attacks on high profile artists, was made public afte...
U.S. House Committee Questions Ability to Secure Wall Street Data
Cyber security experts warned on Thursday that the U.S. government is failing to learn the lessons of past computer and intelligence breaches and often exhibits a careless attitude towards securing the data it keeps. The testimony came in a hearing on Thursday before the U.S. House of...
Laptop Containing 8.6m Medical Records Lost in UK
A laptop from the UK’s National Health Service (NHS) containing 8.6 million patient records has gone missing, prompting warnings from UK authorities. The device was last seen in a room in an NHS facility in North Central London and was missing for three weeks before being reported to authorities...
CVE-2011-0871
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availabili...
Microsoft Office Excel SELECTION Record Out Of Boundary (MS11-045; CVE-2011-1277)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability exists in the way that Microsoft Excel handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could...
CVE-2011-1711
CVE-2011-1711 affects Novell Mobility Pack 1.1.2 and earlier, and Novell Data Synchronizer 1.0.x and 1.1.x up to 1.1.1 build 428. The description indicates an unspecified vulnerability where remote authenticated users can access other accounts via unknown vectors. Connected sources confirm affect...
Avoiding the Privacy Apocalypse
Google has been criticized widely for its privacy practices, and some of the harshest critiques have come from outside privacy advocates. In this video, Simon Davies and Gus Hosein of Privacy International discuss the ways in which companies such as Google that have large amounts of user data can...
Injection vulnerability in the Wind classified information management program - vulnerability warning - the black bar safety net
Wind PHP classified information program v1.3 has a newly disclosed injection vulnerability. Vulnerable file: index.php. Vulnerability type: SQL injection. <? require_once "conn.php"; ?> $page=$_GET["page"]; $cid=$_GET["cid"]; $pagesize=15; if($cid!="") $r2=mysql_query("select count(*) from cbod...
Parnian Opendata CMS - SQL Injection
Exploit Title : Parnian Opendata CMS SQL Injection Vulnerability Date : 2011-04-15 Author : Alexander Software Link : http://www.parniansoft.com/ Test On : php CVE : Web Applications Google Dork : inurl:mpfn=pdview Exploit : mpfn=pdview&id=-1+union+select...
Inside a Google Data Center
Google is well-known for its worldwide network of data centers, in which it holds not just the company’s own data, but the sensitive information of its corporate and consumer customers. In this video, Google gives a rare behind-the-scenes look at the physical and data security measures that the...
Apple Admits to Bugs, Denies Tracking iPhone Users
Apple finally sounded off on its phone tracking imbroglio on Wednesday telling iPhone customers that “it’s the location, stupid.” The company claims its tracking feature is designed to collect data on cell towers and wifi hotspots, not users. After more than a week of silence, the notoriously...
Tastes Like Chicken: Industrial Shredder Eats PCs, Peripherals
Data leaked from lost, stolen or recycled IT equipment is a major, major issue. News reports about the reams of data that can be retrieved from the hard drives and memory of second hand PCs are nothing new. Organizations like the IEEE have been calling attention to the insecure storage of data fo...
CVE-2011-1717
Skype for Android stores sensitive user data without encryption in sqlite3 databases with weak permissions, allowing a local attacker to read user IDs, contacts, phone numbers, date of birth, IM logs, and other private information. The vulnerability stems from inadequate access controls on stored...
WordPress.Com Hacked, Hacker root the Server !
The parent company that operates WordPress made an announcement this morning that it has been hacked, resulting in what the company said was a low-level root break-in to several of their servers. The company warned that potentially anything on those servers...
Kitchen Confidential: Mass. Case Lays Bare Unsanitary Data Security Practices
I worked in my share of kitchens when I was younger. I washed dishes, made salads, sous cheffed and worked the grill as a short order cook. And let me say this: one rule you learn when you work in the kitchen is – to borrow a phrase from the folks in ‘Vegas – ‘what happens in the kitchen stays in...
Restaurant Chain is First Fined Under Massachusetts Data Breach Law
UPDATE: A Massachusetts restaurant chain was the first company fined under the state’s toughest in the nation data breach law and will have to pay $110,000 in penalties, according to a statement by the Massachusetts Attorney General. The Briar Group LLC entered into a settlement with Massachusett...
Insecure Magazine : Issue 28 available for Download !
Database protocol exploits explained; Review: MXI M700 Bio; Measuring web application security coverage; Inside backup and storage: The expert's view; Combating the changing nature of online fraud; Successful data security programs encompass...
Lush takes down two regional sites following another hack !
Last month's compromise of the UK website of the natural ingredients cosmetic firm Lush and the theft of its customers' credit card details must have hurt the company but unfortunately, its troubles are not over yet. "We are sorry to have to announce that the Lush Australian and New Zealand...