Facebook Prepares to Launch Bug Bounty Program !

Facebook Prepares to Launch Bug Bounty Program ! Facebook is working on setting up a bug bounty program that would encourage security researchers to discover vulnerabilities on its platform and report them responsibly. Mr. Joe Sullivan, Facebook's chief security officer, told us today at the Hack...

Fedora Update for acpid FEDORA-2011-6460

Check for the Version of acpid OpenVAS Vulnerability Test Fedora Update for acpid FEDORA-2011-6460 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

[SECURITY] Fedora 15 Update: acpid-2.0.9-4.fc15

acpid is a daemon that dispatches ACPI events to user-space programs...

Fedora Update for mozvoikko FEDORA-2011-6215

Check for the Version of mozvoikko OpenVAS Vulnerability Test Fedora Update for mozvoikko FEDORA-2011-6215 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Windows Servers Hacked at The Hartford Insurance Company !

Hackers have broken into The Hartford insurance company and installed password-stealing programs on several of the company's Windows servers. In a warning letter sent last month to about 300 employees, contractors, and a handful of customers, the company said it discovered the infection in late...

New Chinese MBR Rootkit Identified

A new rootkit that uses the master boot record MBR to hide itself has been discovered in China and is being used to install an online game password stealer. The bootkit is installed on the computer by a trojan downloader distributed from a Chinese adult site and is detected by Kaspersky as...

Directory traversal

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System IGSS allows remote attackers to execute arbitrary programs via ..\ dot dot backslash sequences in opcodes 1 0xa and 2 0x17 to TCP port 12397...

CVE-2011-1566

Directory traversal vulnerability in dc.exe 9.00.00.11059 and earlier in 7-Technologies Interactive Graphical SCADA System IGSS allows remote attackers to execute arbitrary programs via ..\ dot dot backslash sequences in opcodes 1 0xa and 2 0x17 to TCP port 12397...

glibc: ld.so insecure handling of privileged programs' RPATHs with $ORIGIN

ld.so in the GNU C Library aka glibc or libc6 2.13 and earlier expands the $ORIGIN dynamic string token when RPATH is composed entirely of this token, which might allow local users to gain privileges by creating a hard link in an arbitrary directory to a 1 setuid or 2 setgid program with this RPA...

The Pharmaceutical Spam Machine

In this Lab Matters webcast, Kaspersky Lab senior spam analyst Maria Namestnikova looks closely at the pharmaceutical spam operations and discusses how spammers are using affiliate programs and rebuilt botnets to recover from last year’s crackdown...

HP OpenView Network Node Manager execvp_nc Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM01207 or NNM01206 without the SSRT100025 hotfix. By specifying a long 'sel' parameter when calling methods within the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow...

Step 5: Re-install Security Software

Once the scareware has been removed from your system, reinstall a reputable anti virus software package then use it to scan and clean your machine, once again. Scareware and rogue antivirus programs will often download and install other kinds of malicious programs while they have control of your...

Where to Begin

Scareware is one of the most pernicious online threats. For those who have been infected, it is also one of the hardest to forget. Rogue antivirus software and other forms of scareware hold victims hostage: shutting off access to their desktop and most of the Internet, disabling security software...

JDK unspecified vulnerability in Deployment component

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.229 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown...

Kevin Mitnick's latest Book : Ghost in the Wires - My Adventures As The World's Most Wanted Hacker !

Kevin Mitnick's latest Book : Ghost in the Wires - My Adventures As The World's Most Wanted Hacker ! Kevin Mitnick, the world's most wanted computer hacker, managed to hack into some of the country's most powerful - and seemingly impenetrable - agencies and companies. By conning employees into...

Cyber Ethics, Safety and Security Education is essential for Indian users ?

India is an emerging economy investing in computerization and broadband for rapid and balanced economic development. The Indian government has embarked on large egovernance programs and enablers like the Unique ID program UID which provides a unique biometric based ID for all Indian residents. Th...

Attackers Find Point-of-Sale Software an Easy Target

While most consumers worry about their credit card or debit card numbers or other valuable data being stolen from their home computers or leaked via a data breach at their banks, a new report shows that the vast majority of attacks that harvest this sensitive data actually target weak software on...

Anonymous Press Release for Journalists !

Anonymous Press Release for Journalists ! Today Anonymous Hackers Release a new Press Note for all those Journalists, who writing a story, and have come to their website to do research, or pull a quote. AnonNews uses an open-posting concept. Anyone can post to the site, and moderators will approv...

U.S. Military's Cyber Chief Warns Of Eroding Technical Prowess

SAN FRANCISCO — The U.S. Military’s top officer in charge of cyber security said that the country must invest more in so-called “STEM” programs – science, technology, engineering and math – to avoid being outflanked in a world where cyber offensive- and defensive operations are the keys to milita...

Pentagon Requests Half Billion in Funding to DARPA

In the Pentagon’s 2012 defense budget request, DARPA stands to receive roughly a half billion dollars in funding to “invest in cybertechnologies.” However, what that means is unclear. The announcement represents growing concerns by the federal government that the United States is sorely...