Blog Posts Tagged with "Microsoft"
SQL Injections In Stored Procedures
May 25, 2011 Added by:Alexander Rothacker
This post discusses how SQL injection in stored procedures could be exploited in Microsoft SQL Server, Oracle, and Sybase ASE databases. SQL injection is an attack that allows an unprivileged user to execute SQL code with elevated privileges due to a bug in the input sanitation...
Comments (0)
Web App Configuration Analyzer 2.0 Tool Released
May 20, 2011 Added by:Headlines
Web Application Configuration Analyzer (WACA) is a tool that scans a server against a set of best practices recommended for pre-production and production servers. It can also be used by developers to ensure that their codebase works within a secure / hardened environment...
Comments (0)
Fake Windows Security Updates Spread Zeus Trojan
May 13, 2011 Added by:Headlines
In the run-up to Microsoft's Patch Tuesday, Windows users are being warned of an email spam campaign designed to infect PC's with the Zeus Trojan. Researchers indicate the malware spam operation began on Friday, May 6, and is still actively delivering the fake update alerts...
Comments (0)
Google Sued for Surreptitious Android Location Tracking
May 03, 2011 Added by:Headlines
The lawsuit alleges privacy violations for the collection of location data, deceptive business practices for failing to notify customers, and violations of the Computer Fraud and Abuse Act for harvesting the data from individual devices...
Comments (0)
Microsoft Statement: We Collect Your Location Data Too
April 27, 2011 Added by:Headlines
Microsoft insists that if the Wi-Fi feature is disabled on a device that no location data is collected or transmitted, and also states that even if the feature is active, data is only collected if the user gives an application permission to access location data...
Comments (0)
Hackers Go After Points, Credits, and Virtual Currency
April 25, 2011 Added by:Robert Siciliano
These virtual dollars and virtual goods have real value. Virtual currency includes the points customers receive from retailers, merchants, airlines, hotels, and credit card companies through loyalty programs. These points are the second most traded currency on the planet...
Comments (0)
Microsoft Issues Advisories for Chrome and Opera
April 20, 2011 Added by:Headlines
The first vulnerability affecting both browsers could have allowed access to private information. The second one that affected only Chrome exploited a weakness in how the browser accessed memory, and could have allowed an attacker to execute code within the Google Chrome Sandbox...
Comments (0)
Microsoft Slams Google Over FISMA Certification Claims
April 12, 2011 Added by:Headlines
"Google can’t be under the misimpression that FISMA certification for Google Apps Premier also covers Google Apps for Government. If that were the case, then why did Google, according to the attachments in the DOJ brief, decide to file a separate FISMA application?"
Comments (0)
MITM Attack Exploits Windows IPv6 Protocols
April 06, 2011 Added by:Headlines
“All these Windows boxes will default connect to the evil router instead of the legitimate router when this parasitic overlay is running. If Microsoft didn't have that configuration by default, it would negate a lot of the effects of the attack..."
Comments (0)
What's Next for the FTC's Proposed Privacy Framework?
April 04, 2011 Added by:David Navetta
Shortly after the FTC Privacy Framework's release and its “Do Not Track” proposal, the response was robust to say the least. Several major web browsers announced support for a browser-based means of defeating persistent online tracking...
Comments (0)
Windows Support Scam Update
April 01, 2011 Added by:Simon Heron
This scam involves fraudsters cold calling people claiming to be a Windows support tech and getting the victim to give them remote access to their PCs in the guise of helping them ‘cleanse’ their systems – as long as the victim hands over money or in some cases much more...
Comments (1)
Comodo Fingers Iranian Hackers in Digital Certificate Heist
March 24, 2011 Added by:Headlines
"We believe these are politically motivated, state-driven/funded attacks. One of the origins of the attack that we experienced is from Iran. What is being obtained would enable the perpetrator to intercept Web-based email/communication," said Melih Abdulhayoglu, the CEO and founder of Comodo...
Comments (0)
Google Says Microsoft MHTML Bug Exploited by China
March 21, 2011 Added by:Headlines
Google has blamed the Chinese government for problems accessing Gmail. Google "noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We’ve also seen attacks against users of another popular social site..."
Comments (0)
Microsoft Instrumental in the Rustock Botnet Take Down
March 18, 2011 Added by:Headlines
Microsoft provided documentation that detailed the botnet's extensive structure in a federal court filing. Acting on the information, federal marshals raided several internet hosting providers across the U.S. and seized servers suspected of being used as command and control units...
Comments (2)
Configuring Web 2.0 Applications to be Friendly But Secure
February 25, 2011 Added by:Danny Lieberman
In the course of a security audit/penetration test of a social networking Web site this week that was developed and deployed on Ubuntu, I was reminded yet again that we all have something to learn. Even Linux geeks...
Comments (0)
Cyber Arms Intelligence Report: Egypt and the Kill Switch
February 07, 2011 Added by:Dan Dieterle
The protests in Egypt have touched off controversy here in the US over Obama’s internet kill switch. Joe Lieberman and his co-sponsors are planning on introducing the Cyber Security and American Competitiveness Act of 2011 during the current session in congress...
Comments (0)
- University of Arizona Researchers Going on Offense and Defense in Battle Against Hackers
- Securing the Internet of Things (IoT) in Today's Connected Society
- What Is Next Generation SIEM? 8 Things to Look For
- Cybersecurity and Online Trading: An Overview
- Artificial Intelligence: The Next Frontier in Information Security
- Five Main Differences between SIEM and UEBA
- For Cybersecurity, It’s That Time of the Year Again
- Myth Busters: How to Securely Migrate to the Cloud
- Microsoft Makes OneDrive Personal Vault Available Worldwide
- Human-Centered Security: What It Means for Your Organization