Author Archives: The Vigilant Application Owner

Over 85,000 HP Printers Found to be Publicly Accessible Via the Internet


January 29, 2013 By The Vigilant Application Owner

Softpedia – (International) Over 85,000 HP printers found to be publicly accessible via the Internet. A software researcher discovered that over 85,000 printers made by HP are available via a focused Google search, allowing remote access. Source: http://news.softpedia.com/news/Over-85-000-HP-Printers-Found-to-Be-Publicly-Accessible-Via-the-Internet-324836.shtml


Ruby On Rails 3.0.20 and 2.3.16 Released to Address Extremely Critical Vulnerability


By The Vigilant Application Owner

Softpedia – (International) Ruby on Rails 3.0.20 and 2.3.16 released to address extremely critical vulnerability. The developers of Ruby on Rails released versions 3.0.20 and 2.3.16 and advised users to immediately apply the update to close a major vulnerability in past versions. Source: http://news.softpedia.com/news/Ruby-on-Rails-3-0-20-and-2-3-16-Released-to-Address-Extremely-Critical-Vulnerability-324866.shtml


5 Years After Major DNS Flaw is Discovered, Few US Companies Have Deployed Long-term Fix


By The Vigilant Application Owner

Network World – (International) 5 years after major DNS flaw is discovered, few US companies have deployed long-term fix. Very few U.S. online retailers, internet service providers (ISPs), and financial institutions have implemented the long-term fix for a major vulnerability in the Domain Name System (DNS), five years after the vulnerability was discovered. Source: http://www.networkworld.com/news/2013/012913-dnssec-266197.html


Security Hole Found on IO, AC, SH, TM Domain Registrar Sites


January 28, 2013 By The Vigilant Application Owner

Softpedia – (International) Security hole found on IO, AC, SH, TM domain registrar sites. A hacker recently uncovered a vulnerability in the Web sites of domain registrars who oversee the .io (Indian Ocean), .tm (Turkmenistan), .ac (Ascension Island), and .sh (Saint Helena) domains that allows attackers to gain access to DNS records. Source: […]


SCADA Password Cracking Code Available


January 25, 2013 By The Vigilant Application Owner

Help Net Security – (International) SCADA password cracking code available. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) warned that proof-of-concept exploit code was released that can brute force passwords to programmable logic controllers (PLC) before the vulnerability could be addressed by the manufacturer, Siemens. Source: http://www.net-security.org/secworld.php?id=14303


GitHub Forced To Disable Search After Exposing Private SSH Keys


By The Vigilant Application Owner

Softpedia – (International) GitHub forced to disable search after exposing private SSH keys. GitHub disabled its new search function after it returned results that included private Secure Shell (SSH) keys used by several Web sites. Source: http://news.softpedia.com/news/GitHub-Forced-to-Disable-Search-After-Exposing-Private-SSH-Keys-324200.shtml


Web Server Hackers Install Rogue Apache Modules And SSH Backdoors, Researchers Say


January 24, 2013 By The Vigilant Application Owner

IDG News Service – (International) Web server hackers install rogue Apache modules and SSH backdoors, researchers say. Researchers from Sucuri reported that a group of attackers using rogue Apache modules has been replacing Secure Shell (SSH) binary files in compromised servers with backdoored versions that collect user information and passwords from incoming and outgoing SSH […]


Backdoors Found In Barracuda Networks Gear


By The Vigilant Application Owner

Krebs on Security – (International) Backdoors found in Barracuda Networks gear. Various spam filters, firewalls, and VPN appliances sold by Barracuda Networks contain undocumented backdoor accounts that could be remotely accessed via secure shell (SSH) and are accessible to hundreds of non-Barracuda companies, the vendor acknowledged. Source: http://krebsonsecurity.com/2013/01/backdoors-found-in-barracuda-networks-gear/


Security Flaws Leave Networked Printers Open To Attack


January 23, 2013 By The Vigilant Application Owner

InformationWeek – (International) Security flaws leave networked printers open to attack. A security researcher discovered flaws in Hewlett-Packard’s JetDirect printer networking software which can be used to bypass security controls, disable printers, or reprint previous documents. Source: http://www.informationweek.com/security/vulnerabilities/security-flaws-leave-networked-printers/240146805


PayPal Addresses Blind SQL Injection Vulnerability After Being Notified By Experts


January 22, 2013 By The Vigilant Application Owner

Softpedia – (International) PayPal addresses blind SQL injection vulnerability after being notified by experts. About 5 months after being notified by cyber security experts, PayPal has fixed a security flaw on their Web site which was vulnerable to a Blind SQL Injection. Source: http://news.softpedia.com/news/PayPal-Addresses-Blind-SQL-Injection-Vulnerability-After-Being-Notified-by-Experts-323053.shtml
