Latest News
US-Cert Warns of On-going Denial-of-Service Attacks by Anonymous
(LiveHacking.Com) - The United States Computer Emergency Readiness Team (US-CERT), the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS), has issued a warning about on-going distributed denial-of-service attacks against different government institutions both in the USA and in the EU. According to the reports, these attacks are being attributed to the hacker … [Read More...]
Symantec Says Only Use pcAnywhere for Business Critical Purposes
(LiveHacking.Com) - In the on going saga about source code stolen from Symantec in 2006, the company has now updated its "Claims by Anonymous about Symantec Source Code" to notify its customers that "all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk" and to "recommends that customers only use pcAnywhere for business critical purposes." It has also published a White Paper discussing the security … [Read More...]
New Version of Opera Released to Fix Cross-site Scripting Vulnerability
(LiveHacking.Com) - Opera 11.61 has been released and it is recommended that all users upgrade to the latest version to benefit from the security and stablilty changes. With regards to security, Opera 11.61 fixes two security issues: An issue where manipulation of framed content can allow cross-site scripting. An issue where script events could be used to reveal the presence of local files. The cross site … [Read More...]
Symantec Releases Hotfix for pcAnywhere
(LiveHacking.Com) - Symantec has released a hotfix for its pcAnywhere product to address multiple vulnerabilities. According to Symantec, pcAnywhere is susceptible to local file tampering elevation of privilege exploits and remote code execution exploits and as a results it is possible to execute arbitrary code on a targeted system as "System". Affected Products: Symantec pcAnywhere 12.5.x IT Management … [Read More...]
4 Key Features of Good Endpoint Security Software
(Live-Hacking.Com) - Data leakage occurs when data that should have never left the physical confines of your company’s brick and mortar walls does, and control of that data is lost. One of the main reasons why this could happen is because companies lack endpoint protection. When a user copies data to their smartphone (think contacts, critical documents that they wish to review while mobile, email … [Read More...]
Linux 2.6.39 Memory Handling Vulnerability
(LiveHacking.Com) - Exploits have started appearing that make it possible to gain root privileges on some versions of the Linux kernel due to a flaw in the /proc/<pid>/mem handling. The vulnerability first came to light when Linus Torvalds released a Linux kernel update last week to fix the flaw and the subsequent analysis of the bug at Nerdling Sapple. The bug, which was discovered by Jüri … [Read More...]
Google Releases Chrome 16.0.912.77 to Fix a Critical Security Vulnerability
(LiveHacking.Com) - Google has released Chrome 16.0.912.77 for Windows, Mac and Linux to fix a Critical use-after-free memory problem when using Safe Browsing navigation. The bug was found by Chamal de Silva who got over $3000 from Google for finding the problem. The full list of security related bugs fixed is: [$1000] [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur … [Read More...]
Unauthorized Activity Within One of DreamHost’s Databases Prompts Password Resets
(LiveHacking.Com) - DreamHost detected some unauthorized activity within one of its databases over the weekend. And as a precautionary measure it is forcing customers to change their Shell and FTP password. To do this users needed to access the DreamHost web panel and go to "Manage Users", however the rush of customers wanting to protect their accounts left the web panel overwhelmed with intermittent access for about … [Read More...]
McAfee to Patch Two Vulnerabilities in its SaaS for Total Protection
(LiveHacking.Com) - Two vulnerabilities have been found in McAfee's SaaS for Total Protection, one of which allows a customer's system to be used as a spam relay. The problem, which was exposed on British art firm Kaamar Limited's blog earlier this week, has been gaining more and more public attention and now McAfee has started to release information about the issues and details of patches. As spammers have … [Read More...]
OpenSSL Fix Flaw in Recent Bug Fix
(LiveHacking.Com) - Earlier this month, the OpenSSL project released updates to two new versions (OpenSSL 1.0.0f and 0.9.8s) of the popular open source toolkit for SSL/TLS to fix a total of six security flaws. One of the vulnerabilities fixed (CVE-2011-4108) was in OpenSSL's DTLS implementation which allowed an efficient plaintext recovery attack. However Antonio Martin from Cisco Systems, Inc found a flaw in the … [Read More...]
.png)