Monthly Archives: April 2012

Hackers Now Pick Tools From Script Kiddies’ Toybox – Report


April 24, 2012 By
The Vigilant Application Owner

April 24, The Register – (IDG News Service) Hackers now pick tools from script kiddies’ toybox – report. Hackers are increasingly turning to automated software tools to launch attacks. According to research from Imperva, more than 60 percent of SQL injection attacks and as many as 70 percent of Remote File Inclusion attacks (the two […]

Continue reading...

Categories: Uncategorized

Number-munching Clouds Are Godsend for Cybercrooks – Experts


By
The Vigilant Application Owner

The Register – (International) Number-munching clouds are godsend for cybercrooks – experts. Cloud computing providers recently came under fire from security experts who blamed them for giving cyber criminals the tools to launch attacks more easily, efficiently, and anonymously than ever before. Speaking at the fourth InfoSecurity Summit in Hong Kong April 24, a senior […]

Continue reading...

Categories: Uncategorized

OpenSSL Releases New Fix for CVE-2012-2110 ASN1 Bug


By
The Vigilant Application Owner

April 24, Threatpost – (International) OpenSSL releases new fix for CVE-2012-2110 ASN1 bug. The OpenSSL developers had to re-release the fix for a serious vulnerability in the software’s ASN.1 implementation that could allow an attacker to cause a denial-of-service or potentially run arbitrary code on a remote machine. The updated fix only applies to version […]

Continue reading...

Categories: Uncategorized

Hackers Targeting Governments with Hijacked Sites


April 21, 2012 By
The Vigilant Application Owner

April 21, V3.co.uk – (International) Hackers targeting governments with hijacked sites. Malicious code planted within compromised Wed pages has become the latest method for attackers targeting government organizations, according to research from security firm Zscaler, V3.co.uk reported April 21. The firm discovered many government-affiliated Web sites with code that directs users to attack servers. The […]

Continue reading...

Categories: Uncategorized

Can Nexus Scale?


April 20, 2012 By
Tim O'Brien

We’re often asked by customers to prove that Nexus can scale to meet the demands of thousands, and sometimes tens of thousands, of developers. Fortunately, we don’t have to stand up an expensive set of machines for a proof-of-concept as we have the world’s largest collection of active open source projects hosted on a single […]

Continue reading...

Categories: Uncategorized

An Emerging Role in IT Governance: The ALM Architect


By
Tim O'Brien

Whenever I’m at a client I tend to ask, “Who decides what open source packages are acceptable?” Nine times out of 10, people will say something about an “Architecture” group. Maybe there’s a single architecture group that sets standards across the entire department, or, more often, there are several groups that offer a set of […]

Continue reading...

Categories: Uncategorized

Analysis: Flashback Spread Via Social Engineering, Then Java Exploits


April 19, 2012 By
The Vigilant Application Owner

April 19, Threatpost – (International) Analysis: Flashback spread via social engineering, then Java exploits. Kaspersky Lab’s latest analysis of the Mac OS X Flashback botnet revealed its malware was spread via drive-by downloads on hacked WordPress Web sites. From September 2011 until February 2012, the Flashback creators distributed the trojan through compromised WordPress sites that […]

Continue reading...

Categories: Uncategorized