Thursday, September 02, 2010 9:29:52 AM Demo of CVE-2010-2862 Adobe Reader Flaw Exploit
In this video, Niklas Wolff of the CSIS Security Group demonstrates an exploit for the recent integer overflow vulnerability in Adobe Reader (CVE-2010-2862), disclosed at Black Hat in July, that allows remote code execution.
Read More
|
|
|
Thursday, September 02, 2010 9:04:11 AM Online Bank Fraud Hammering Small Businesses
Online bank fraud, for all of its obvious ploys and tired tactics, is still a remarkably effective way to make money. Too lazy or clueless to get a real job? Go phishing. Lots of people are doing it, and by some estimates, it's evolving into a nearly $1 billion business.
Read More
|
|
|
Thursday, September 02, 2010 12:28:26 AM Researcher Will Demo Bypass of Windows Service Isolation Feature
A prominent researcher will use an upcoming security conference in Buenos Aires to demonstrate an exploit that allows hackers to bypass the Windows Service Isolation feature, despite Microsoft's efforts to close the security loophole.
Read More
|
|
|
Wednesday, September 01, 2010 5:20:42 PM Researcher Finds HP Printer Security Flaw
A cybersecurity researcher has discovered an easy way for a hacker to
swipe copies of documents scanned by Hewlett-Packard all-in-one printers
widely used in workplace settings. Read the full article. [The Last Watchdog]
Read More
|
|
|
Wednesday, September 01, 2010 4:29:49 PM Survey Scam Offers False Shelter From Surveys
Scammers are offering prospective marks an application that supposedly shields them from exposure to survey scams. Naturally, you first have to fill in a survey to install the script,
which is punted through Userscripts(dot)org. Read the full article. [The Register]
Read More
|
|
|
Wednesday, September 01, 2010 3:54:16 PM Thieves Steal $1 Mil from Univ. of Virginia
Cyber crooks stole just shy of $1 million from a satellite campus of The University of Virginia last week. Read the full article. [KrebsonSecurity]
Read More
|
|
|
Wednesday, September 01, 2010 3:15:08 PM USB Drives Remain Major Security Threat
The recent admission by a top Department of Defense official that a classified network was compromised in 2008 through an infected USB drive has brought the spotlight back onto the myriad threats that these portable devices pose to corporate networks.
Read More
|
|
|
Wednesday, September 01, 2010 11:59:52 AM Google Code Discovered Serving Malware
Google has removed malicious programs from its Google Code platform after Web firm zScaler said the company's servers were being used to serve malicious code.
Read More
|
|
|
Wednesday, September 01, 2010 11:41:31 AM Easily Exploitable Bugs Becoming a Precious Commodity
There has never been more focus on security than there is right now, whether it's from software vendors looking to eliminate flaws in their products, from attackers looking to exploit those flaws or from customers who are sick of having their PCs compromised. And as the focus has intensified in recent months, researchers say that, for a variety of reasons, it has become increasingly difficult to find exploitable client-side bugs--particularly memory-corruption flaws--leading them to dig deeper and find more exotic bugs.
Read More
|
|
|
Wednesday, September 01, 2010 9:38:15 AM Microsoft Publishes New FixIt Tool For DLL Bug
Microsoft has released some updated guidance on the recent DLL-hijacking bug, including a new FixIt tool that enables the workaround for the vulnerability that Microsoft shipped late last month.
Read More
|