BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Tag Cloud

alert Apple attacks computer computers computer security cyber crime email Facebook Firefox fraud Google government hackers identity theft id theft infringement Internet Internet Explorer internet security Java Mac malware Microsoft mobile devices mobile phones networks patents phishing privacy Safari safety scams security servers spammers technology viruses web browser web browsers websites Windows Word worm www

Archives

  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009

    • Active Exploitation of Microsoft Internet Explorer 7 Vulnerability

    US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A.
    US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory MS09-002. [...]

    Read More About - Active Exploitation of Microsoft Internet Explorer 7 Vulnerability »

    Comments: Comments Off
    Tags: , , ,
    Category: Uncategorized

    Microsoft Updates for Multiple Vulnerabilities

    Systems Affected:
    * Microsoft Internet Explorer
    * Microsoft Office Visio
    * Microsoft Exchange and SQL Server
    Overview
    Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
    I. Description
    As part of the Microsoft Security Bulletin Summary for February 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Office, and other [...]

    Read More About - Microsoft Updates for Multiple Vulnerabilities »

    Comments: Comments Off
    Tags: , , ,
    Category: Uncategorized

    BlackBerry Security Advisory

    Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Application Web Loader ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer to crash.
    US-CERT [...]

    Read More About - BlackBerry Security Advisory »

    Comments: Comments Off
    Tags: ,
    Category: Uncategorized

    IRS Stimulus Package Phishing Scam

    US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide [...]

    Read More About - IRS Stimulus Package Phishing Scam »

    Comments: 2 Comments, Join in »
    Tags: , , ,
    Category: Uncategorized

    Google’s Latitude Tracks Your Every Move

    Google has released a new application called Latitude. The service allows a user to share their physical location with friends and family. Using cell phones towers and WIFI connections, Google creates a map that shows your location and movements. Though they claim your privacy is protected, many people are concerned.
    Here is how [...]

    Read More About - Google’s Latitude Tracks Your Every Move »

    Comments: 3 Comments, Join in »
    Tags: , ,
    Category: Uncategorized

    Malicious Code Spreading Via Valentine’s Day Spam

    US-CERT is aware of public reports of malicious code circulating via spam email messages related to Valentine’s Day. These messages contain a link to a website that contains several images of hearts and instructs users to choose one image. If users click on one of the images, they will be prompted to download an executable [...]

    Read More About - Malicious Code Spreading Via Valentine’s Day Spam »

    Comments: Comments Off
    Tags: , , ,
    Category: Uncategorized

    Protecting Portable Devices: Data Security

    National Cyber Alert System
    Cyber Security Tip ST04-020
    Why do you need another layer of protection?
    Although there are ways to physically protect your laptop, PDA, or other portable device (see Protecting Portable Devices: Physical Security for more information), there is no guarantee that it won’t be stolen. After all, as the name suggests, portable devices are designed [...]

    Read More About - Protecting Portable Devices: Data Security »

    Comments: 2 Comments, Join in »
    Tags: , , , ,
    Category: Uncategorized

    Before You Connect a New Computer to the Internet

    by United States Emergency Readiness Team
    I. Motivating Factors
    The CERT/CC has composed this Tech Tip to address a growing risk to Internet users without dedicated IT support. In recent months, we have observed a trend toward exploitation of new or otherwise unprotected computers in increasingly shorter periods of time. This problem is exacerbated by a number [...]

    Read More About - Before You Connect a New Computer to the Internet »

    Comments: 1 Comment, Join in »
    Tags: , ,
    Category: Uncategorized

    White House (.gov) Email Down Due to Microsoft

    The new White House team found out there email systems were down for most of the day on Monday. Press Secretary Robert Gibbs mad the announcement of the technical difficulties at his 1:30 p.m. briefing. He apologized for the e-mail silence and blamed it on a Mircrosoft Outlook server.
    Both incoming and outgoing email were [...]

    Read More About - White House (.gov) Email Down Due to Microsoft »

    Comments: 6 Comments, Join in »
    Tags: , , , ,
    Category: Uncategorized

    Apple QuickTime Updates for Multiple Vulnerabilities

    National Cyber Alert System
    Technical Cyber Security Alert TA09-022A
    Apple QuickTime Updates for Multiple Vulnerabilities
    Original release date: January 22, 2009
    Source: US-CERT
    Systems Affected
    Apple QuickTime 7.5 for Windows and Mac OS X
    Overview
    Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary [...]

    Read More About - Apple QuickTime Updates for Multiple Vulnerabilities »

    Comments: Comments Off
    Tags: , , ,
    Category: Uncategorized
    « Older Entries
    Newer Entries »

    RSS BugTraq

    • [ MDVSA-2010:166 ] libgdiplus
      Posted by security on Aug 31 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:166 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libgdiplus Date : August 31, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Enterprise Server 5 […]
    • Tortoise SVN DLL Hijacking Vulnerability
      Posted by nikhil_uitrgpv on Aug 311. Overview Tortoise SVN is vulnerable to Windows DLL Hijacking Vulnerability. Version 1.6.10, Build 19898 (latest available on 30th August 2010 was tested) is vulnerable. 2. Vulnerability Description Tortoise SVN passes insufficiently qualified path for the dll "dwmapi.dll" while opening a file using TortoiseProc […]
    • [security bulletin] HPSBMA02571 SSRT100034 rev.1 - HP Insight Diagnostics Online Edition, Remote Cross Site Scripting (XSS)
      Posted by security-alert on Aug 31SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02492472 Version: 1 HPSBMA02571 SSRT100034 rev.1 - HP Insight Diagnostics Online Edition, Remote Cross Site Scripting (XSS) NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-08-30 Last Updated: 2010-08-30 Pote […]
    • django in combination with mod wsgi on apache on default debian and ubuntu installations does not place any bounds on the maximum size of a file upload
      Posted by dave b on Aug 31Summary: In the default setup of wsgi, apache and django (at least on ubuntu and debian) by default there are no limits on the size of a file that an attacker can upload. http://cwe.mitre.org/top25/#CWE-770 and see example 2 at http://cwe.mitre.org/data/definitions/770.html Vendor response: " If you have your Apache install con […]
    • [USN-981-1] libwww-perl vulnerability
      Posted by Marc Deslauriers on Aug 31=========================================================== Ubuntu Security Notice USN-981-1 August 31, 2010 libwww-perl vulnerability CVE-2010-2253 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubu […]