Monthly Archives: September 2012

Bank Attackers More Sophisticated Than Typical Hacktivists, Expert Says


September 28, 2012 By
The Vigilant Application Owner

CSO Online – (International) Bank attackers more sophisticated than typical hacktivists, expert says. The hackers who said they were behind cyberattacks that disrupted the online operations of several U.S. banks the week of September 24 had technical firepower that went beyond the typical hacktivist, said one security expert. Experts debated the methods used in cyber-assaults […]

Continue reading...

Expert Finds XSS Flaw On eBay After Bypassing ‘Filtering Mechanisms’


By
The Vigilant Application Owner

Softpedia – (International) Expert finds XSS flaw on eBay after bypassing ‘filtering mechanisms’. eBay listed a security researcher in its hall of fame after the expert managed to identify a very unusual non-persistent cross-site scripting (XSS) vulnerability. ―There was a WAF/IPS in place which was filtering out the html and JavaScript being embedded into the […]

Continue reading...

Cyber Era Brings New Kinds Of Supply-chain Threats


September 27, 2012 By
The Vigilant Application Owner

Federal Computer Week – (International) Cyber era brings new kinds of supply-chain threats. Problems in the Defense Department‘s supply chain are not a new issue, however, the prevalence of digital systems brings a newer kind of threat: one that can be tiny in size but huge in potential impact. It is the risk of electronic […]

Continue reading...

Building Android Malware Is Trivial With Available Tools


By
The Vigilant Application Owner

SecurityWeek – (International) Building Android malware is trivial with available tools. Because of readily available tools that enable even a novice – 18 – developer to create malicious mobile applications, users should be cautious when downloading and installing mobile apps, especially from non-official App Stores. Developing Android malware to harvest information is a trivial task […]

Continue reading...

That’s Billion with a B: Is Java Having an “Outlook” Moment?


September 26, 2012 By
Tim O'Brien

I’m a broken record, I know, but every month that goes by we get more and more news that suggests that Java developers (and the companies that support Java) are slow to wake up to these threats. You remember Outlook, maybe some of you are unlucky enough to still use Outlook, but for Microsoft, Outlook […]

Continue reading...

Backdoor In phpMyAdmin Allows Hackers To Execute PHP Code


September 25, 2012 By
The Vigilant Application Owner

Softpedia – (International) Backdoor in phpMyAdmin allows hackers to execute PHP code. phpMyAdmin warned customers that a kit hosted on the SourceForge.net mirror system was found to contain a backdoor that allows remote attackers to execute arbitrary PHP code. The developers were notified by the Tencent Security Response Center that the distribution contains a malicious […]

Continue reading...

One Billion Users Affected By Java Security Sandbox Bypass Vulnerability, Experts Say


By
The Vigilant Application Owner

Softpedia – (International) One billion users affected by Java security sandbox bypass vulnerability, experts say. Researchers from Security Explorations claimed to identify a flaw that affects all Oracle Java SE versions and the billions of devices on which the software is currently installed. This bug, codenamed issue 50, was identified just before the start of […]

Continue reading...

JPMorgan Chase Bank Servers Hacked, Tiffany Employee Details Exposed


By
The Vigilant Application Owner

Softpedia – (New Hampshire; International) JPMorgan Chase Bank servers hacked, Tiffany employee details exposed. Computer servers owned by JPMorgan Chase Bank were breached, and the financial institution alerted high-end jewelry company Tiffany & Co because the affected machines contained the personal details of some employees, Softpedia reported September 25. ―Chase told us that the affected […]

Continue reading...

The Cloud is Running toward BSD-style Licenses, are you?


September 24, 2012 By
Tim O'Brien

The New York Times had a great article this weekend that explored some of the disconnect in the industry. In “Power, Pollution and the Internet”, James Glanz writes: “[the] foundation of the information industry is sharply at odds with its image of sleek efficiency and environmental friendliness.” This article is interesting in that it calls […]

Continue reading...