Articles by 'Russell D. Vines'

By Russell D. Vines, Posted in Security

November 13, The Register – (International) IE 0-day plugged up by TIFF terror continues in November Patch Tuesday. Microsoft released its November Patch Tuesday round of patches, closing a total of 19 vulnerabilities in Windows and Office products, including three marked as critical. A TIFF image handling vulnerability remained unaddressed but a workaround is available. Source: http://www.theregister.co.uk/2013/11/13/november_patch_tuesday/ November 13, Softpedia – (International) Second version of Hlux... read more.

• November 14, 2013

By Russell D. Vines, Posted in Security

November 12, The Register – (International) Stale Blackhole leads to dried-up spam, claim badhat-probers. Trend Micro researchers found that with the Blackhole exploitkit no longer being updated, cybercriminals have turned to other methods for infecting users, with the Upatre exploit kit being a popular replacement and often used to spread the Cryptolocker ransomware. Source: http://www.theregister.co.uk/2013/11/12/cryptolocker_rise_blackhole_demise November 12, Softpedia – (International) Reflected and... read more.

• November 13, 2013

By Russell D. Vines, Posted in Security

November 7, Computerworld – (International) Fire at Internet Archive reaffirms need for an Internet archive. The document scanning operations of The Internet Archive in San Francisco suffered a fire November 6 that caused $600,000 in damages. Source: http://www.networkworld.com/news/2013/110713-fire-at-internet-archive-reaffirms-275754.html November 7, CSO – (International) Automated hacking tools swarm Web site login pages. Incapsula monitored access attempts at the Web sites of 1,000 of its clients and... read more.

• November 12, 2013

By Russell D. Vines, Posted in Security

November 7, The Register – (International) KitKat swats yet another Android ‘MasterKey’ bug. The newest Android version 4.4 (KitKat) contains a fix for a vulnerability similar to the ‘Master Key’ vulnerability that could allow attackers to manipulate the filename length in ZIP files’ metadata and alter an app. Source: http://www.theregister.co.uk/2013/11/07/third_android_master_key_vuln_squashed/ November 7, Softpedia – (International) Rapid7 researchers discover vulnerabilities in Supermicro IPMI firmwa... read more.

• November 11, 2013

By Russell D. Vines, Posted in Security

November 4, Threatpost – (National) DOE audit reveals new weaknesses, and unpatched older flaws. An audit undertaken by the Office of Inspector General and the Office of Audits and Inspections revealed that 29 new weaknesses emerged from the U.S. Department of Energy’s network in 2013 in addition to 10 existing that the agency failed to fix after a 2012 audit. Source: http://threatpost.com/doe-audit-reveals-new-weaknesses-and-unpatched-older-flaws November 6, The Register – (International) It’s the Shiz:... read more.

• November 07, 2013

By Russell D. Vines, Posted in Security

November 5, Softpedia – (International) Harbor Freight Tools hacked, payment processing system compromised. Harbor Freight Tools began notifying customers of a payment processing system breach that may have exposed customers’ credit card numbers, expirations dates, and CVV codes. The breach concerned transactions that occurred between May 6 and June 30. Source: http://news.softpedia.com/news/Harbor-Freight-Tools-Hacked-Payment-Processing-System-Compromised-397103.shtml November 4, Cleveland Plain Dealer... read more.

• November 07, 2013

By Russell D. Vines, Posted in Security

November 4, Krebs on Security – (National) Hackers take limo service firm for a ride. CorporateCarOnline, a limousine and town car service, was found to have been the target of cybercriminals after a plain text archive of more than 850,000 customers’ credit card numbers, names, addresses, transaction records, and other private information was discovered on the same servers where stolen information from PR Newswire and Adobe Systems Inc. was found. Customers whose information was exposed included members of... read more.

• November 05, 2013

By Russell D. Vines, Posted in Security

November 1, IDG News Service – (International) New malware variant suggest cybercriminals targeting SAP users. Researchers at Doctor Web observed a new variant of a banking trojan that also contains code to search infected systems for SAP client applications, possibly as a first step to targeting SAP users in the future. Source: http://www.computerworld.com/s/article/9243727/New_malware_variant_suggests_cybercriminals_targeting_SAP_users November 1, Softpedia – (International) Gaming trojan Grolker updat... read more.

• November 04, 2013

By Russell D. Vines, Posted in Security

October 31, IDG News Service – (International) Microsoft’s Windows Azure cloud hit by worldwide management interruption. Microsoft’s Windows Azure service experienced an issue with its Compute management function between October 30 and October 31 that affected users in the U.S., Europe, and Asia. Source: http://www.networkworld.com/news/2013/103113-microsoft39s-windows-azure-cloud-hit-275459.html October 31, Help Net Security – (International) Spike in suspicious traffic and TOR usage, says threat report... read more.

• November 04, 2013

By Russell D. Vines, Posted in Security

October 30, Softpedia – (International) Expert finds unrestricted file upload vulnerability in Twitter. A researcher at Q-CERT identified and reported two vulnerabilities in Twitter that could have been leveraged to upload malicious files to a Twitter developer Web site and to redirect users to arbitrary Web sites. Twitter has since closed the reported vulnerabilities. Source: http://news.softpedia.com/news/Expert-Finds-Unrestricted-File-Upload-Vulnerability-in-Twitter-Video-395604.shtml October 30, Soft... read more.

• October 31, 2013