DDoS attacks want to make sure you haven’t forgotten about them

Welcome to this weeks edition of the Threat Source newsletter. Distributed denial-of-service attacks DDoS have been around since before I even knew how to turn a computer on. These types of attacks, I feel, have the same vibe as the term "computer virus" -- something we used to talk about in the...

NVIDIA GPU was traced to vulnerabilities, you can view the porn browsing history-bug warning-the black bar safety net

! Chrome's incognito mode in some specific cases not necessarily be able to protect individual privacy, recently a gamer the exposure of the Nvidia GPU of the previous vulnerability, the use of the vulnerability can view Chrome incognito mode to browse porn sites picture. Evan Andersen once loade...

Design/Logic Flaw

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

PYSEC-2012-39

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

CVE-2012-3361

CVE-2012-3361 affects OpenStack OpenStack Compute (Nova) in Folsom (2012.2), Essex (2012.1), and Diablo (2011.3). The issue is in virt/disk/api.py where remote authenticated users can overwrite arbitrary files via a symlink attack on a file located within an image. The root cause is improper hand...

CVE-2012-3361

virt/disk/api.py in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 allows remote authenticated users to overwrite arbitrary files via a symlink attack on a file in an image...

DEBIAN-CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

PYSEC-2012-37

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

CVE-2012-2654

CVE-2012-2654 affects OpenStack Compute (Nova) EC2 and OS APIs in Folsom, Essex, and Diablo releases. The vulnerability arises from improper protocol validation when creating security groups if the network protocol isn’t specified in lowercase, allowing remote attackers to bypass access restricti...

CVE-2012-2654

The 1 EC2 and 2 OS APIs in OpenStack Compute Nova Folsom 2012.2, Essex 2012.1, and Diablo 2011.3 do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restriction...

Slideshow: Fair Game: 12 Months, 10 Eye-Popping Hacks Targeting Some Of the Globe's Biggest Gaming Firms

VIEW SLIDESHOW Fair Game: 12 Months, 10 Eye-Popping Hacks Targeting Some Of the Globe’s Biggest Gaming Firms The past year has seen a sharp increase in attacks aimed at online gaming platforms and game makers. In fact, there was a point last summer, in the wake of Sony’s Playstation Network outag...

From Atari to Steam

The past year has seen a sharp increase in attacks aimed at online gaming platforms and game makers. In fact, there was a point last summer, in the wake of Sony’s Playstation Network outage, when it seemed like no video game company was safe from hackers – whether they be ideologically motivated...