Monthly Archives: May 2012

CERT Warns On Critical Hole In SCADA Software By Italian Firm Progea


May 11, 2012 By
The Vigilant Application Owner

Threatpost – (International) CERT warns on critical hole in SCADA software by Italian firm Progea. The DHS issued a bulletin May 10 warning about a previously undisclosed, critical vulnerability in Movicon 11, a product used to manage critical infrastructure including the manufacturing, energy, and water sectors. The Industrial Control Systems Cyber Emergency Response Team posted […]

Continue reading...

Webinar Replay Now Available: Manage Your OS Components at Build Time in Hudson & Jenkins


By
Emily Blades

A big thanks to all of you who registered and attended our sneak preview of Insight for CI last week. We had a great turnout and a lot of fantastic questions! If you didn’t have a chance to register, that doesn’t mean you have to miss out. The replay is now available. Request the webinar […]

Continue reading...

Critical Vulnerability In vBSEO Patched


May 10, 2012 By
The Vigilant Application Owner

H Security – (International) Critical vulnerability in vBSEO patched. The developers of the vBSEO extension to the vBulletin forum software closed a critical vulnerability in their plugin. The vBSEO plugin adds search engine optimization (SEO) functionality to the vBulletin core code. The vulnerability — a SQL injection flaw that allows attackers to execute commands and […]

Continue reading...

APT Attackers Are Increasingly Using Booby-trapped RTF Documents


By
The Vigilant Application Owner

IDG News Service – (International) APT attackers are increasingly using booby-trapped RTF documents. Booby-trapped Rich Text Format (RTF) documents are one of the most common types of malicious Microsoft Office files that are used to infect computers with advanced persistent threats, according to security researchers from Trend Micro. The company’s statistics show that 63 percent […]

Continue reading...

Research Uncovers IRC Bot Malware For Android


May 9, 2012 By
The Vigilant Application Owner

Infosecurity – (International) Research uncovers IRC bot malware for Android. McAfee Labs researchers discovered Android malware that acts as an Internet relay channel (IRC) bot. The Android malware, which masquerades as the Madden NFL 2012 video game, has three embedded modules that perform various malicious activities, explained a researcher with McAfee Labs. The main component […]

Continue reading...

Java Drive-by Generator Used In Recent Attack


By
The Vigilant Application Owner

May 9, Help Net Security – (International) Java drive-by generator used in recent attack. A malware delivery campaign that doubles infection efforts to ensure users are compromised was recently spotted by F-Secure researchers. One discovered a Web site that poses as a “Gmail Attachment Viewer,” which attempts to make the visitor run the offered application. […]

Continue reading...

Microsoft Patch Tuesday More Extensive Than Anticipated


By
The Vigilant Application Owner

May 9, H Security – (International) Microsoft Patch Tuesday more extensive than anticipated. Microsoft released 7 bulletins to close 23 vulnerabilities on its May Patch Tuesday. The total number of bulletins belies the scope of the patches, however, as the combined update MS12-034 closes holes in numerous products. The reason for this is a critical […]

Continue reading...

Nexus is for Sharing


By
Tim O'Brien

One of our customers asked me for a presentation deck making a simple case for bringing Nexus into a development environment: what are the broad stroke benefits of the repository from the perspective of the Enterprise? This video is that presentation, it doesn’t spend too much time enumerating a list of pro features. It focuses […]

Continue reading...

Targeted Attack Infiltrates At Least 20 Companies


May 8, 2012 By
The Vigilant Application Owner

May 8, Dark Reading – (International) Targeted attack infiltrates at least 20 companies. Beginning in mid-2011, a widespread series of cyberattacks targeted a number of private firms, think thanks, and government organizations with links to policies of interest to China. While attributing attacks to a specific actor is difficult, the attackers used a common command-and-control […]

Continue reading...