Monthly Archives: April 2012

Attackers Place Command and Control Servers Inside Enterprise Walls


April 30, 2012 By
The Vigilant Application Owner

April 30, SecurityWeek ­ (International) Attackers place command and control servers inside enterprise walls. Skilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses to circumvent security measures, according to a security expert familiar with the innovative new attack method. Trend Micro observed dozens of incidents where these tactics […]

Continue reading...

VMware Patches Vulnerabilities in ESX 4.1


By
The Vigilant Application Owner

April 30, H Security ­ (International) VMware patches vulnerabilities in ESX 4.1. Virtualization specialist VMware is warning customers about multiple security holes in versions 4.0 and 4.1 of its ESX enterprise-level computer virtualization product. According to the company, the Service Console in ESX 4.1 on unpatched systems can be exploited by a local user in […]

Continue reading...

Now Available: Nexus OSS 2.0.4


By
Tim O'Brien

Sonatype is pleased to announce the release of Nexus OSS 2.0.4. Nexus 2.0.4 OSS is available and ready for download immediately. If you are new to Nexus, or if you are an existing user, go to http://www.sonatype.org/nexus/go, click on the download button and get started. Nexus OSS 2.0.4: A Focus on Usability One of the […]

Continue reading...

Backdoor That Threatens Power Stations To Be Purged From Control System


April 28, 2012 By
The Vigilant Application Owner

April 28, Ars Technica ­ (International) Backdoor that threatens power stations to be purged from control system. Mission-critical routers used to control electric substations and other critical infrastructure are being updated to remove a previously undocumented backdoor that could allow vandals to hijack the devices, manufacturer RuggedCom said April 27. The announcement by the Ontario, […]

Continue reading...

Ghost of HTML5 Future: Web Browser Botnets


April 27, 2012 By
The Vigilant Application Owner

April 27, The Register ­ (International) Ghost of HTML5 future: Web browser botnets. During a presentation at the B-Sides Conference in London, England, April 25, a senior threat researcher at Trend Micro outlined how HTML5 could be used to launch browser-based botnets and other attacks. The new features in the revamped markup language ‹ from […]

Continue reading...

Critical Bug Reported in Oracle Servers


April 26, 2012 By
The Vigilant Application Owner

April 26, Threatpost ­ (International) Critical bug reported in Oracle servers. There is a critical remotely exploitable vulnerability in all of the current versions of the Oracle database server that can enable an attacker to intercept traffic and execute arbitrary commands on the server. The bug, which Oracle reported as fixed in the most recent […]

Continue reading...

Backdoor in Mission-Critical Hardware Threatens Power, Traffic-Control Systems


April 25, 2012 By
The Vigilant Application Owner

April 25, Ars Technica – (International) Backdoor in mission-critical hardware threatens power, traffic-control systems. Equipment running RuggedCom’s Rugged Operating System networking gear has an undocumented account that cannot be modified and a password that is trivial to crack. According to researchers, for years the company did not warn the power utilities, military facilities, and municipal […]

Continue reading...

VMvare confirms Server Hypervisor Source Code Leak


By
The Vigilant Application Owner

April 25, Help Net Security – (International) VMvare confirms server hypervisor source code leak. VMware confirmed a file from the VMware ESX server hypervisor source code was leaked by a hacker that goes by the handle “Hardcore Charlie.” The posted code and associated commentary dates to the 2003 to 2004 timeframe, said the director of […]

Continue reading...