Seeking Crowd Engagement, Startup Stumbles On New Tool For Crowd Control

When CrowdOptic, a Silicon Valley, venture funded startup, developed a cool application that could stream real-time, context-aware information streams to mobile devices, the applications seemed straight-forward and lucrative enough: a blend of advertising and broadcasting that sports franchises a...

Restrictions

The iPhone, like the many smartphones that have debuted in its wake, includes a variety of powerful applications and features. Many of these functions and apps, including the camera, the Safari browser, FaceTime and others, can have privacy and security implications, depending upon how they’re us...

Experts Converge at RFIDsec to Discuss NFC Security Implications

RFID security problems have been biting at the ankles of users and companies that deploy the technology for several years now, but they’ve been mostly on the fringes of mainstream security concerns. But now, as the technology becomes more widespread and pervasive, that is beginning to change...

Dennis Fisher and Paul Roberts on the MacDefender Malware and Google Wallet

Dennis Fisher and Paul Roberts discuss the re-emergence of the MacDefender malware, Apple’s decision to push out an OS X update to protect against and the release of Google Wallet and the security implications of the system. Podcast audio courtesy of sykboy65 Subscribe to the Digital Underground...

Red Hat Enterprise Linux seunshare Unsafe Implementation

Developers should not rely on the stickiness of /tmp on Red Hat Linux --------------------------------------------------------------------- Recent versions of Red Hat Enterprise Linux and Fedora provide seunshare, a setuid root utility from policycore-utils intended to make new filesystem...

The Reddit Fail Snoo

If you’ve used the bookmarking site Reddit, you’ve no doubt noted the cute little alien that is the company’s mascot. According to our research, the alien is actually called the Reddit “Snoo,” though it’s unclear whether anyone at Reddit refers to it by that name. Given the creature’s resemblance...

Husband Faces Prison for Accessing Wife's Private Emails

A Michigan man faces prison time for accessing a laptop at his home and reading his wife's email. Leon Walker, 33, was charged with a felony after accessing his wife Clara Walker's email account and discovering she was having an affair, reported the Detroit Free Press. Upon discovering that his...

Image Of the Day: The Internet Hijack That Wasn't?

Reports surfaced last week about an incident dating back to April, 2010 that involved the suspicious rerouting of Internet traffic through infrastructure belonging to a telecommunications carrier in China. Originally reported within technical circles in April, the incident simmered within the sma...

ToorCon: New Apps, Old Infrastructure Make Toxic Brew

In a variety of ways, experts at this weekend’s ToorCon Conference warned that the tidal wave of new devices and Web based services is straining an already aging Internet infrastructure, with privacy and security as the first victims. Call it the ‘schizophrenia of now’: a tidal wave of new...

CentOS Update for popt CESA-2010:0678 centos4 i386

Check for the Version of popt OpenVAS Vulnerability Test CentOS Update for popt CESA-2010:0678 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

RedHat Update for rpm RHSA-2010:0678-01

Check for the Version of rpm OpenVAS Vulnerability Test RedHat Update for rpm RHSA-2010:0678-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Moderate: Red Hat Security Advisory: rpm security and bug fix update

Updated rpm packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

The Pitfalls of Website Vulnerability Research and Disclosure

Vulnerability disclosure is in the spotlight again. First it was Tavis Ormandy disclosing a vulnerability in Microsoft Windows before Microsoft had a fix available. Now a group called Goatse Security has disclosed a vulnerability in an AT&T website that affects Apple iPad 3G owners. The Wall Stre...

Google Cloud Print: Thinking Through the Security, Privacy Implications

Google’s plans to introduce a Cloud Print service that’s already being hailed as “printer voodoo” because it lets users print to any printer anywhere in the world, even from mobile phones. However, there are some privacy and security implications that need to be fleshed out before end users rush ...

10 Lessons From The Pwn2Own Hacker Contest

The recent CanSecWest Pwn2Own contest saw successful hacking attacks against Microsoft Internet Explorer 8, Mozilla Firefox and Apple’s Safari and iPhone products. Now that the dust has settled and the vendors are starting to patch the vulnerabilities, Threatpost editor Ryan Naraine takes a look ...

Mozilla Warns of Unknown Root Certificate Authority in Firefox

In a startling revelation, the open-source Mozilla project says that its flagship Firefox browser contains a root certificate authority that doesn’t seem to have a known owner. It’s quite possible that this could be a legitimate root certificate that changed hands during a merger or some other...

2009: The Year That Was in Security

Threatpost editor Dennis Fisher talks about the implications of Howard Schmidt’s appointment, the story of the year in 2009 and what 2010 might bring for security...

Privacy Concerns Raised About Smart Grids

Technologists already are worried about the security implications of linking nearly all elements of the U.S. power grid to the public Internet. Now, privacy experts are warning that the so-called “smart grid” efforts could usher in a new class of concerns, as utilities begin collecting more...

SSL Flaw Has Researchers Hustling to Fix

A flaw in the SSL protocol that could affect company networks, hosting environments and key machines has security researchers scrambling. The flaw, which requires a hack in to a network to launch, has devastating consequences and implications on database and mail servers. Discovered in August by...

SLES9: Security update for Acrobat Reader

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: acroread More details may also be found by searching for keyword 5019054 within the SuSE Enterprise Server 9 patch database at...