Tag Archives: component vulnerabilities

Highway Traffic Monitoring System Has Exploitable Electronic Flaws, Says CERT


December 3, 2012 By
The Vigilant Application Owner

Government Security News – (National) Highway traffic monitoring system has exploitable electronic flaw, says CERT. Systems that can track automotive traffic on roadways, providing speed and highway traffic behavior patterns has a flaw that could allow a skilled hacker to break in, according to the U.S. Industrial Control System Computer Emergency Readiness Team (ICS-CERT). A […]

Continue reading...

Pacemakers, Other Implanted Devices, Vulnerable to Lethal Attacks


November 28, 2012 By
The Vigilant Application Owner

Homeland Security News Wire – (International) Pacemakers, other implanted devices, vulnerable to lethal attacks. IT experts reported security flaws in pacemakers and defibrillators could be putting lives at risk, stating that many devices are not properly secured and therefore are vulnerable to hackers who may want to commit an act that could lead to multiple […]

Continue reading...

eBay Closes Critical Security Holes


November 25, 2012 By
The Vigilant Application Owner

The H – (International) eBay closes critical security holes. The online auction house eBay has fixed two vulnerabilities in its U.S. Web site. One of the vulnerabilities was a critical SQL injection hole in the site’s selling area that gave potential attackers unauthorized read and write access to one of the company’s databases. The hole […]

Continue reading...

Joomla 3.0.2 and 2.5.8 Available For Download, Security Fixes Included


November 9, 2012 By
The Vigilant Application Owner

Softpedia – (International) Joomla 3.0.2 and 2.5.8 available for download, security fixes included. The Joomla Project released Joomla 3.0.2 and Joomla 2.5.8. Both variants come with a number of improvements, including fixes for security issues. In Joomla 3.0.2, a medium priority cross-site scripting (XSS) vulnerability that affected the language search component was fixed. In the […]

Continue reading...

Siemens Software Targeted By Stuxnet Still Full Of Holes


November 8, 2012 By
The Vigilant Application Owner

IDG News Service – (International) Siemens software targeted by Stuxnet still full of holes. Software made by Siemens and targeted by the Stuxnet malware is still full of other dangerous vulnerabilities, according to researchers. The CTO of Positive Technologies was scheduled to give a presentation in July at Defcon, but it was pulled after Siemens […]

Continue reading...

Users Take Their Time Over Java And Flash Updates


November 6, 2012 By
The Vigilant Application Owner

The H – (International) Users take their time over Java and Flash updates. Of the computers studied by Kaspersky in the third quarter of 2012, 35 percent suffered from a Java vulnerability and 19 percent from a vulnerability in an Adobe product. Comparing Kaspersky’s quarterly security reports from 2010-2012 shows that the Oracle and Adobe […]

Continue reading...

Sophos Fixes Critical Security Vulnerability


By
The Vigilant Application Owner

The H – (International) Sophos fixes critical security vulnerability. A security expert revealed critical security vulnerabilities in Sophos antivirus software. This includes the publication of a proof-of-concept for a root exploit for Sophos 8.0.6 for Mac OS X, which utilizes a stack buffer overflow when searching through PDF files. The vulnerability is also likely to […]

Continue reading...

Backdoor In Computer Controls Opens Critical Infrastructure To Hackers


October 25, 2012 By
The Vigilant Application Owner

Ars Technica – (International) Backdoor in computer controls opens critical infrastructure to hackers. Software used to manage equipment in power plants, military environments, and nautical ships contain an undocumented backdoor that could allow malicious hackers to access sensitive systems without authorization. The CoDeSys software tool, which is used in industrial control systems sold by 261 […]

Continue reading...

Hackers Get 10 Months To pwn Victims With 0-days Before world+dog Finds Out


October 24, 2012 By
The Vigilant Application Owner

The Register – (International) Hackers get 10 months to pwn victims with 0-days before world+dog finds out. Hackers exploit security vulnerabilities in software for 10 months on average before details of the holes surface in public, according to a new study. Researchers from Symantec believe that these zero-day attacks, so called because they are launched […]

Continue reading...