Archive | Vulnerability

Lax security blamed for 100,000+ sensitive files found on Manning’s PC

Posted December 20, 2011

The fourth pretrial hearing for Army Pfc. Bradley Manning put the spotlight on more than 100,000 sensitive documents and conversation logs between Manning and a former hacker. This case raises a core question: How can organisations contain the considerable risk presented by rogue employees? Here’s the story.

Visa looks into Eastern European security breach

Posted December 17, 2011

Romanian state-owned CEC Bank has blocked and reissued 17,000 credit cards on suspicion that they had been compromised, and a security blogger warns of loopholes in the security of “Verified by Visa.” For more, see the full story at Naked Security.

Researchers: Google gamed browser report that dissed Firefox

Posted December 16, 2011

Surprise, surprise: It turns out that the Google-sponsored study that painted Firefox in a poor light might have been influenced by the sponsor. Check out the story at Naked Security.

In God We Trust, but Security Vendors Need to Sign the Papers

If Anonymous, LulzSec et al. can pwn security vendors, who can protect us? Here’s help on how to rate security vendors on the sitting-duck scale. In this two-part look at how to vet security vendors, my first article—In God We Trust, but Security Vendors Need to Sign the Papers—focuses on assessing a vendor. This is done […]

Windows Phone 7.5 susceptible to SMS hack

A researcher has discovered a flaw in Windows Phone 7.5 “Mango” that can crash the message center by simply receiving a malformed SMS, Tweet or Facebook message. Here’s the story.

Google-funded study finds Firefox least secure browser, Chrome the best

A new study has tossed the big browsers into the security mosh pit and decreed that Google’s Chrome comes in first, ahead of Internet Explorer and Firefox. But when it comes to the top three, is security more about your browser being up to date and properly configured than its brand? The full story is […]

Election-day cyber attack scandal rocks South Korea’s ruling party

Did governing politicians in South Korea approve an election-day cyber attack? Three of South Korea’s top seven leaders quit their posts over the DDoS scandal. Read more. 

New zero-day Yahoo Messenger exploit allows malware to spread via hijacked status updates

An unpatched zero-day flaw in Yahoo Messenger allows remote attackers to meddle with any user’s status message, opening an opportunity for malware to spread. Check out the full story.

Android permissions glitch allows eavesdropping, data theft

Academic researchers have demonstrated flaws in the Android permissions system that could allow rogue applications to gain access to SMS messages, GPS or even record audio from affected devices. Read the story on NakedSecurity.

Safeguards for ethical hackers spurned by Australian government

The Australian government has thumbed its nose at legal safeguards for ethical hackers, according to security researcher Alana Maurushat. Industry professionals say they went out of their way to submit proposals for recent reviews of cybercrime laws, but the government decided to reject them all. Read the full story here.
