Monthly Archives: January 2013

Expert Finds Security Holes In Sites Of Microsoft, Twilio and ProActive CMS


By
The Vigilant Application Owner

Softpedia – (International) Expert finds security holes in sites of Microsoft, Twilio and ProActive CMS. A security researcher discovered vulnerabilities in Web sites belonging to Microsoft and Twilio, as well as issues in ProActive content management system (CMS). Twilio and Microsoft addressed their respective cross-site request forgery and cross-site scripting vulnerabilities, while the ProActive CMS […]

Continue reading...

Secure Central Connectivity – Artifactory & Archiva Now Supported


January 15, 2013 By
Derek Weeks

Keeping with our desire to protect the entire Central Repository ecosystem, SSL connectivity to the Central Repository from JFrog Artifactory or Apache Archiva is now available. We’re using SSL because it is the standard mechanism for protecting web traffic – across the spectrum of Ecommerce, banking, health care, and so on. Providing SSL support for […]

Continue reading...

Nexus 2.3 Now Available – Includes Support for Yum


By
Derek Weeks

We know how critical Nexus has become to effectively source components and drive greater efficiency in the development lifecycle. We are constantly working to expand the Nexus ecosystem so Nexus can be used to manage additional component technologies. The latest release, Nexus 2.3, available now, provides support for Yum repositories. Now you can leverage Nexus, […]

Continue reading...

Red October Cyber Espionage Campaign Relied On Java Exploit To Infect Computers


By
The Vigilant Application Owner

Softpedia – (International) Red October cyber espionage campaign relied on Java exploit to infect computers. Researchers at Seculert analyzed the recently-discovered ‘Red October’ cyber espionage campaign and found that it had also utilized a Java vulnerability to disseminate malware. Source: http://news.softpedia.com/news/Red-October-Cyber-Espionage-Campaign-Relied-on-Java-Exploit-to-Infect-Computers-321319.shtml

Continue reading...

Last Chance: 2013 Open Source Development Survey Closes Tomorrow Take It For Your Chance To Win A Brand New Apple Workstation


January 14, 2013 By
Emily Blades

Time is running out!  Share your open source knowledge, experiences and challenges for your chance to win Jason’s brand new Apple workstation including a 15″ MacBook Pro with Retina display, a 27″ Thunderbolt display, an Apple Magic Mouse and an Apple Wireless Keyboard. We’ve also snagged both of his iPad minis. That’s enough loot for […]

Continue reading...

Cybersleuths Uncover 5-year Spy Operation Targeting Government, Others


By
The Vigilant Application Owner

Wired.com – (International) Cybersleuths uncover 5-year spy operation targeting governments, others. Kaspersky Lab researchers uncovered a sophisticated, long-running cyber espionage campaign targeting governments, energy companies, embassies, and aerospace companies dubbed ‘Red October.’ The malware used is customized to individual targets, uses a complex command and control system, and utilizes spear phishing attacks to infect victims. […]

Continue reading...

Oracle Responds To Warning On Java Vulnerability


January 13, 2013 By
The Vigilant Application Owner

International Business Times – Oracle has announced fixes for two flaws in its Java software. One research group says Java was responsible for half of all cyberattacks in 2012 that involved an exploited software bug. Last week, the Department of Homeland Security and security researchers said they had identified vulnerabilities in the software that could […]

Continue reading...

Oracle Ships Critical Security Update For Java


By
The Vigilant Application Owner

Krebs on Security – (International) Oracle ships critical security update for Java. Oracle released an update for Java to fix the recent critical vulnerability that allowed malware to exploit computers running the program. The update also increases the default security settings for running Java applications from ‘medium’ to ‘high.’ Source: http://krebsonsecurity.com/2013/01/oracle-ships-critical-security-update-for-java/

Continue reading...