Blog Posts Tagged with "Alert"

8e6e3972318ff74b194801340248199e

Security Information Addict

August 12, 2012 Added by:Scott Thomas

Part of the infosec profession is staying abreast of news and events. You need to know what attacks are going on in order to know how to defend against them. The problem with this is that it consumes all your free time. What you start to realize though, is you become addicted to information overload...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Alert: Fake FBI Emails Seek Personal Information

June 26, 2012 Added by:Headlines

The fraudulent e-mails give the appearance of legitimacy due to the use of pictures of the FBI Director, seal, letterhead, and/or banners. The schemes cover a range from threat and extortion e-mails, website monitoring containing malicious computer program attachments (malware), and online auction scams...

Comments  (0)

54b393d8c5ad38d03c46d060fa365773

How and Why to Alert Your Employees of the LinkedIn Breach

June 07, 2012 Added by:Jason Clark

Cyber security teams should send out an employee alert explaining why LinkedIn passwords need to be changed and best practices for doing so. You may not have direct IT control over individual LinkedIn accounts, but your communication may alleviate social engineering attacks on employees and your network...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

US Gas Pipeline Companies Under Major Cyber Attack

May 07, 2012 Added by:Headlines

“Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign from a single source. It goes on to broadly describe a sophisticated 'spear-phishing' campaign..."

Comments  (1)

Ba829a6cb97f554ffb0272cd3d6c18a7

FBI Warns: GameOver

January 10, 2012 Added by:Kevin McAleavey

The significant part of the DDOS angle with the GameOver Zeus Trojan attack is that it serves as a diversion while the looting continues, and prevents access to mitigation with the bank until it's too late. That's what motivated the FBI to put out this alert...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT Issues New SCADA Vulnerability Advisory

December 14, 2011 Added by:Headlines

Santamarta uncovered multiple hidden accounts with default passwords in the systems that could allow an attacker to remotely access the network, view and modify the module's firmware, execute arbitrary malicious code, or cause a denial of service interruption...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

ICS-CERT Warns Facilities of Exposure via SHODAN

December 12, 2011 Added by:Headlines

"The use of readily available and generally free search tools significantly reduces time and resources required to identify Internet facing control systems. In turn, hackers can use these tools to easily identify exposed control systems, posing an increased risk of attack..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Lockheed Warns Adobe of New Exploit in the Wild

December 07, 2011 Added by:Headlines

"This U3D memory corruption vulnerability could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that the vulnerability is being actively exploited in the wild in limited, targeted attacks against Adobe Reader 9.x on Windows..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Is the Security Response System for SCADA-ICS Broken?

December 05, 2011 Added by:Headlines

"Publicly disclosing affected identity names and incident information is highly unusual and not part of ICS-CERT's normal incident reporting and triage procedures. In this particular case, because unconfirmed information had already been leaked to the public..."

Comments  (0)

6648b1abd4a9b964566c3690613f20a6

Affiliate Marketing Scam

November 21, 2011 Added by:Mark Baldwin

Just about every adult website has an affiliate program and it is not uncommon for scammers to look for ways to take advantage of these programs. I was recently informed by a large payment gateway operator of a scam that is currently in operation. Here is how it works...

Comments  (2)

69dafe8b58066478aea48f3d0f384820

Last Call for Input on ISP Botnet Intervention Proposal

November 02, 2011 Added by:Headlines

“In our country, we always have this debate whether the government should take a stronger hand or whether market forces are enough. We've run out of time to have that conversation, at least on some level. We have to get something done..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Adobe Issues Patch for Flash Zero Day Vulnerability

September 22, 2011 Added by:Headlines

"One of these vulnerabilities is being exploited in the wild in active targeted attacks... This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website..."

Comments  (0)

69dafe8b58066478aea48f3d0f384820

DHS: Natural Disasters Fostering Social Engineering

August 25, 2011 Added by:Headlines

The DHS's National Cybersecurity and Communications Integration Center (NCCIC) is warning that malicious users may seek to exploit interest related to physical events such as earthquakes and hurricanes by generating phishing emails with subject lines related to the incidents...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

CERT Warns of Iconics SCADA Software Vulnerability

May 13, 2011 Added by:Headlines

GenVersion.dll is a component used by the WebHMI interface. By passing a specially crafted string to the SetActiveXGUID method, it is possible to overflow a static buffer and execute arbitrary code with the privileges of the logged on user. Users could be lured to malicious sites...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

LastPass Password Manager Issues Security Alert

May 05, 2011 Added by:Headlines

To counter the potential threat, LastPass is going to force everyone to change their master passwords. Additionally, they're going to want an indication that you're you, by either ensuring that you're coming from an IP block you've used before or by validating your email address...

Comments  (1)

B451da363bb08b9a81ceadbadb5133ef

Is Oracle Misleading Its Database Customers With CPUs?

April 26, 2011 Added by:Alexander Rothacker

Is Oracle misleading its database customers during its quarterly Critical Patch Updates (CPUs)? Unfortunately for its customers, Oracle has figured out a way to downplay the severity of its vulnerabilities and water down the Common Vulnerability Scoring System (CVSS) scoring...

Comments  (0)

Page « < 1 - 2 > »