BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Next World Cyber-security Contest

Next World Cyber-security Contest Launched by FIRST, CERT Coordination Center
Pittsburgh, PA, February, 25 2009 – The second international competition honoring best practices and advances in safeguarding the security of computer systems and networks was announced today by FIRST (the Forum of Incident Response and Security Teams) and the Carnegie Mellon Software Engineering Institute CERT Coordination [...]

Read More About - Next World Cyber-security Contest »

New Variant of Conficker/Downadup Worm Circulating

US-CERT is aware of public reports concerning a new variant of the Conficker/Downadup worm, named Conficker B++. This variant propagates itself via multiple methods, including exploitation of the previously patched vulnerability addressed in MS08-067, password guessing, and the infection of removable media. Most significantly, Conficker B++ implements a new backdoor with “auto-update” functionality, allowing machines [...]

Read More About - New Variant of Conficker/Downadup Worm Circulating »

Adobe Acrobat and Reader Vulnerability

National Cyber Alert System
Technical Cyber Security Alert TA09-051A
Systems Affected
* Adobe Reader version 9 and earlier
* Adobe Acrobat (Professional, 3D, and Standard) version 9 and earlier
Overview
Adobe has released Security Bulletin APSB09-01, which describes a vulnerability that affects Adobe Reader and Acrobat. This vulnerability could allow a remote attacker [...]

Read More About - Adobe Acrobat and Reader Vulnerability »

Active Exploitation of Microsoft Internet Explorer 7 Vulnerability

US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A.
US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory MS09-002. [...]

Read More About - Active Exploitation of Microsoft Internet Explorer 7 Vulnerability »

Microsoft Updates for Multiple Vulnerabilities

Systems Affected:
* Microsoft Internet Explorer
* Microsoft Office Visio
* Microsoft Exchange and SQL Server
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
I. Description
As part of the Microsoft Security Bulletin Summary for February 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Office, and other [...]

Read More About - Microsoft Updates for Multiple Vulnerabilities »

BlackBerry Security Advisory

Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Application Web Loader ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer to crash.
US-CERT [...]

Read More About - BlackBerry Security Advisory »

IRS Stimulus Package Phishing Scam

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide [...]

Read More About - IRS Stimulus Package Phishing Scam »

Google’s Latitude Tracks Your Every Move

Google has released a new application called Latitude. The service allows a user to share their physical location with friends and family. Using cell phones towers and WIFI connections, Google creates a map that shows your location and movements. Though they claim your privacy is protected, many people are concerned.
Here is how [...]

Read More About - Google’s Latitude Tracks Your Every Move »

Malicious Code Spreading Via Valentine’s Day Spam

US-CERT is aware of public reports of malicious code circulating via spam email messages related to Valentine’s Day. These messages contain a link to a website that contains several images of hearts and instructs users to choose one image. If users click on one of the images, they will be prompted to download an executable [...]

Read More About - Malicious Code Spreading Via Valentine’s Day Spam »

Protecting Portable Devices: Data Security

National Cyber Alert System
Cyber Security Tip ST04-020
Why do you need another layer of protection?
Although there are ways to physically protect your laptop, PDA, or other portable device (see Protecting Portable Devices: Physical Security for more information), there is no guarantee that it won’t be stolen. After all, as the name suggests, portable devices are designed [...]

Read More About - Protecting Portable Devices: Data Security »

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector  in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]