Twitter
LinkedIn
RSS

Archive for August, 2011


Quick Tips: SaaS Licenses

Quick Tips: SaaS Licenses

Read More...

Certificate Authority Hacked, Google Users Fall Victim to Man-in-the-Middle Attack

by Daniel Peck, Research Scientist Yesterday reports began to trickle in that Google users in Iran were victim to a man-in-the-middle attack through the use of an illegitimate SSL certificate issued for

Read More...

SB11-241: Vulnerability Summary for the Week of August 22, 2011

Vulnerability Summary for the Week of August 22, 2011

Read More...

Fraudulent DigiNotar SSL Certificate

(added August 30, 2011) A full-content feed is available at http://www.us-cert.gov/current/index.atom

Read More...

VU#213486: LifeSize Room appliance authentication bypass and arbitrary code injection vulnerability

Vulnerability Note VU#213486 LifeSize Room appliance authentication bypass and arbitrary code injection vulnerability Overview LifeSize Room appliance contains an authentication bypass and arbitrary code injection vulnerability when failing to sanitize input from unauthenticated clients.

Read More...

Episode 105: Email Forensics, DDoS Mitigation Steps & Animations

We cover the final part in our series on interpreting email headers – this time going through some examples in detail. We also continue our series on DDoS attack mitigation techniques and we show a new movie of malware attacks involving targets in the Russia over a recent period.

Read More...

Potential Hurricane Irene Phishing Scams

(added August 29, 2011) A full-content feed is available at http://www.us-cert.gov/current/index.atom

Read More...

VU#405811: Apache HTTPD 1.3/2.x Range header DoS vulnerability

Vulnerability Note VU#405811 Apache HTTPD 1.3/2.x Range header DoS vulnerability Overview Apache HTTPD server contains a denial-of-service vulnerability in the way multiple overlapping ranges are handled. Both the ‘Range’ header and the ‘Range-Request’ header are vulnerable. An attack tool, commonly known as ‘Apache Killer’, has been released in the wild.

Read More...

Cisco Releases Security Advisories

(added August 25, 2011) A full-content feed is available at http://www.us-cert.gov/current/index.atom

Read More...

VU#200814: ASUS RT-N56U remote password disclosure vulnerability

Vulnerability Note VU#200814 ASUS RT-N56U remote password disclosure vulnerability Overview ASUS’s Wireless-N Gigabit Router RT-N56U is vulnerable to remote administrator password disclosure. I. Description ASUS’s Wireless-N Gigabit Router RT-N56U contains a vulnerability which may allow a remote unauthenticated attacker to recover the device’s administrator password.

Read More...