Advisory: SQL Injection in Oracle Enterprise Manager (searchPage web page).
Risk Level: High. Affected versions: Oracle Enterprise Manager Database Control 11.1.0.7, 11.2.0.3 (and previous patchsets); Oracle Enterprise Manager Grid Control 10.2.0.5, 11.1.0.1 (and previous...
Emails with embedded URL to handtekening.zip downloads malicious file
MX Lab, http://www.mxlab.eu, started to intercept a new trojan distribution campaign by email with an embedded URL to download the file “handtekening.zip”. The email is sent from the spoofed addresses...
What n00bs are saying
You can instantly tell it’s a phish by the fact that it is addressed to multiple recipients, but to my eyes, it is further proof of the changing situation for Macs...(...)
Co-tenancy risk for Polar Bears
I get asked all the time whether it is "safe enough" to run different levels of security on the same physical hardware if you have a hypervisor separating the load. The answer is, of course, it...
From LOW to PWNED [0] Intro
Several (tm) months back I did my talk on "From LOW to PWNED" at hashdays and BSides Atlanta. The slides were published here and the video from hashdays is here, no video for BSides ATL. I consistently...
The threats of the Age of cyber-warfare: Eugene Kaspersky on cybercrime
Co-founder and CEO of “Kaspersky Lab” Eugene Kaspersky delivers a speech called “The threats of the Age of cyber-warfare”, expressing his vision on the current state of the global cybercrime and...
US Gov Drops Oracle
The U.S. General Services Administration has announced Oracle's contract is cancelled. April 18, 2012: Oracle no longer available on IT Schedule 70. Effective May 17, 2012, IT Schedule 70 is canceling...
Malware ate my homework
Missing homework used to be blamed on the family dog, but now the focus has shifted to the computer. And sometimes – as this user note shows – malware really is to blame. “My avast! Free version will...
Vulnerability Management Evolution: Core Technologies
As we discussed in the last two posts, any VM platform needs to be able to scan infrastructure and scan the application layer. But that’s still mostly tactical stuff. Run the scan, give you a...
This is not a real LinkedIn notification
Note the URL exposed when you mouse over a hyperlink.
Deutsch Wolke: Trusted Insurance Clouds?
News, of the German Insurance industry's efforts to secure their aggregated interweb presence, inclusive of their data footprint, in the cloud's floating in the industrial giant's airspace... A...
InfoSec Daily Podcast Episode 649
Episode 649 - AnonPaste, CEE, Emory Healthcare, Saturday’s Targets, Hacker Way and Tardy Be-Gone
More Mobile “Average” Practices
A few weeks ago I came across a mobile security article entitled “Five Steps to Enhance Mobile Device Security.” In it the author stresses the increasing number of attacks on mobile devices and...
Trust – Making an intelligent, defensible trust valuation
There was an interesting conversation earlier today on Twitter over whether trust is a 'yes or no' answer. While some of the people engaged argued vehemently that trust is either a yes or not, I...
Weekly Rewind – Top Industry News, LPS, Apple Fail, & More…
If you missed anything or happened to be offline this past week, we hope you find this post useful as a quick reference. For those readers that may not have noticed, I actually tack on a bit of...
A response to Stiennon’s analysis of Palo Alto Networks
I was dismayed to read Richard Stiennon’s article in Forbes, Tearing away the veil of hype from Palo Alto Networks’ IPO. I will say my knowledge of network security and experience with Palo Alto...
Wuti by Li Shangyin
Li Shangyin (李商隐) was a poet of the Chinese Tang Dynasty (618 – 907). He wrote in the format of Lu Shi, written with eight lines of five or seven words each. Exposition (qi) was called for in the first...