All Security News Feeds
HSBC Deploys Authentify's Out-of-Band Authentication System
CA To Acquire Orchestria, Extends Security Management Portfolio
PC Tools: Top Internet Blunders of '08
ESET Teams With Inquira
Webroot Threat Advisory: Hackers Using Continental Flight 1404 Headlines To Scam Online News-Seekers
Comodo Releases EasyVPN Beta
IronKey's New Anti-Worm Malware Protection Battles AutoRun Worms
IT Confidence Drops To Lowest Level In 2008
Prism Microsystems Adds Smart Search To Security Information and Event Management Solution
Cyber Secure Institute Cuts Through Misleading Security Claims: LynuxWorks and LynxSecure
Secerno Makes Enterprise-Class Database Security Available To Branch Offices And SMEs
SECNAP Adds Advanced Reporting Functionality To SpammerTrap Email Security Reporting Package
IronKey Announces New Capabilities To Remotely Protect Secure USB Flash Drives
Avocado Security Launches Enterprise Edition 2.0 Security & Business Intelligence Optimization Platform
Zero-Day Web Malware Blocks Surpass Yearly Average
Sourcefire Announces EMEA Channel Expansion
Nuclear Regulatory Commission Expands Cybersecurity Requirements For Nuke Power Plants
John Wyatt Named President And CEO Of Cigital
Network Frontiers Releases Media Disposal Toolkit
Sourcefire 3D System 4.8 Now Available On Crossbeam Security Platform
Logica Implements SSH Tectia For Securing City of Helsinki's Financial Apps
Beth Israel Medical Center Adds Third Brigade's Server Security
ConSentry Enhances Partner Program
Fidelis's XPS DLP Solution Adds Passive Data Discovery
SecureMac Releases DNSChanger Trojan Removal Tool 2.0
Palamida Finds Security Tops List Of Concerns Inhibiting Broader Open Source Adoption
GlobalCrypto's RealMe Available As A Flash Web Widget
PGP Whole Disk Encryption Approved For Use Within U.K. Goverment
Canada's NB Power Chooses Waterfall Security Solutions For Network Security
Rapid7 Launches New 'PartnerFirst' Program
WorkLight And Netvibes Develop New Secure Widget Platform
Veracode Appoints Jon Stevenson SVP Of Technology And Service Operations
Q1 Labs Unveils Network Security Management Solution For Virtual Environments
Investment Bank Upgrades Global Infrastructure With Palo Alto Networks Firewalls
Finjan Creates Advisory Board
Cloudmark Survey: Operators Ignore Mobile Spam
Open Letter From SESTA Calls For Tighter USB Security
Core Impact Pro V8 Extends Automated Web App Penetration Testing
LogRhythm Adds Intelligent IT Search To Log Management System
Business Services For U.S. Immigrants At Extremely High Risk Of Cybercriminal Penetration
Panda Security Reveals Major Security Flaws In Money Transfer Businesses
West Coast Labs Completes Anti-Malware Testing, Issues Checkmark Anti-Malware Certification
Flurry Of Spam Targeting The Federal Bureau Of Investigation
Monext Chooses Verizon Business Security Solutions to Support Delivery Of Industry-Compliant Bank-Payment Services
Bit9 Identifies 'The Dirty Dozen' - 2008's Most Popular Applications With Critical Security Vulnerabilities
How Companies Can Use IT Security To Protect Against Insider Attacks
Imperva, ArcSight Partner To Integrate Database Monitoring Intelligence With Security Information And Event Management
Palo Alto Networks Discovers Critical Vulnerability In Microsoft Word
WhiteHat Security Releases 6th Website Security Statistics Report
HP Expands Virtual Protection Tool, Desktop Linux Offering For Small Business Customers
Actimize Expands IBM Partnership; Embeds Technology To Fight Fraud, Financial Crime
SkyRecon Provides Full Disk And File-Based Encryption With StormShield Security Suite Version 5.2
Eleven Combats Spam At Its Source
Independent Survey On Database Security Reveals Link Between Privileged Users, Breaches
Sagem Morpho Biometric Face Recognition System Leads to First Arrest
ManageEngine Introduces ServiceDesk Plus 7.5
eSoft, Untangle Announce Web Security Partnership
BitDefender Receives Advanced+ Certification
TriGeo Offers 'Competitive Upgrade Program' To High Tower Software Users
New Goodmail Study: Marketers Boosting ROI 38% through E-Mail Accreditation
IronKey Celebrates One Year Of Mac Compatibility
Metaforic To Offer Free Versions of Secured Apache, MySQL
WinMagic Launches SecureDoc Full-Disk Encryption For Mac
First National Bank Chooses NCP Engineering As VPN Client Software Provider
Security Expert Howard A. Schmidt Joins Solidcore Advisory Board
FaceTime Application Detection Raises Stakes in Network Security
New Version Of BitArmor DataControl Employs Smart Tag Technology
SEC Renews Licenses For Guidance Software's EnCase Enterprise And EnCase Forensic Solutions
Trust Digital Announces iPhone Support For Enterprise Mobility Management Platform
Database Security, Risk, Compliance Gaps On The Rise: Application Security Survey
Mega-D Botnet Returns After McColo Shutdown
Liquid Machines, McAfee Partner To Integrate Data Loss Prevention, Enterprise Rights Management
RAD Data Communications Expands Portfolio Of Network Access Solutions
iovation Partners with The 3rd Man to Stop Card-Not-Present Fraud
Global DataGuard Expands Channel Focus
SanDisk Announces Apple Max OS X Support For SanDisk Cruzer Enterprise USB Flash Drive
Symantec Announces MessageLabs Intelligence 2008 Annual Security Report
Sourcefire Protects 100% Virtualized and Solar Powered Data Center
SecureWorks Reports 161% Increase In Attempted Hack Attacks Against Retailers
Fidelis XPS Receives Common Criteria Security Certification
Sipera Systems Security Product Selected For Ipitomi's Unified Communications Solution
Third Brigade Announces Free Cloud-Ready Security Software To Support VMware
StillSecure Helps DoD Detect, Defend Against Malware-Infection Detachable Disk Drives
nCircle Enables Critical Utilities Compliance with New NERC CIP Configuration Auditing Policies
Juniper Networks Helps Laboratory Of Neuro Imaging Double Network Performance, Cut IT Management Time
Click Forensics Selects CoreTrace For Improved Endpoint Security And Performance
GSA Joins Board Of Transglobal Secure Collaboration Program
Skybox Security Updates Firewall and Network Compliance Auditor Products For New PCI Standard
Astaro Announces Certification On Intel Modular Server Platform
CRYPTOCard Launches Combined 2FA Payment Card
Trusteer Releases Free Malware Search Engine For Financial
Social Engineering, Cybercrime Will Be Challenges In 2009: ITAC
Lenovo To Ship Notebooks With Support for Intel Anti-Theft PC Protection Featuring Absolute Computrace
Rapid7's NeXpose Vulnerability Management Engine Powers Trend Micro's SecureSite Hosted Service
McAfee, BT Partner On Managed Network Security Services
Tucows Joins Ethoca-Powered Global Fraud-Fighting Community
Arbor Networks Releases Peakflow X 4.1
SMB Data Protection Practices Not On Pace With Data Growth
Symark International Appoints John Mutch as Chief Executive Officer
St. Bernard's iPrism Web Filtering Appliance Verified As Citrix Ready
Shavlik Technologies' Security Suite Receives SCAP Validation
Sortprice.com Offers "10 Commandments" For Smart Online Shopping
SMobile Systems Launches Security Shield For BlackBerry
Kuraray America Deploys ConSentry's LANShield Intelligent Switch
Financial Services Industry Needs To Better Educate Employees About Security: ENISA
NTT America Presents Network Security White Paper
IBM Launches New Cloud Computing Consulting And Implementation Services
Absolute Software Extends Computrace Capability To BlackBerrys
PineApp Unveils Mail Encryption Software
Fraud Rings, Botnets Top Concerns Among Security Experts: Survey
AnchorFree's Hotspot Shield Security App Available For iPhone
IronKey Announces Antimalware Initiative For USB Removable Media And Flash Drives
Axis Introduces M10 Network Cameras
BitDefender Uncovers Fraudulent Scheme Targeting JPMorgan Chase Customers
Cyveillance Warns of Dramatic Increase in Phishing Attacks During Thanksgiving Weekend
GFI Releases LANguard Version 9
NetMotion Wireless Links With TELUS Mobility in Canada
ArcSight, McAfee Integrate Security And Compliance Platforms
DigitalPersona Releases DigitalPersona Personal 4.0 Security Software
California's Largest Gaming Organization Selects Sendio's E-Mail Security Platform
Goodmail Systems Secures $20 Million in Funding
IBM Warning: Holidays To Bring Blizzard Of New Attacks on Consumers
Healthcare Solution Provider Network Strategies Joins CRYPTOCard Partner Program
ChosenSecurity Partners With SIGNiX to Deliver Globally Trusted Digital Signatures For Adobe Documents
Bit9 and Tripwire Roll Out PCI Control for Retailers
Cybercrime Projected To Spike on Cyber Monday
DataGuise Unveils Data Masking For Multidatabase Environments
EU-Agency ENISA Releases Position Paper on Mobile eID Security Issues
PCI Security Standards Council Unveils New Quality Assurance Program
AlgoSec Adds Matrix Analysis To Firewall Analyzer
PandaLabs Warns 'High School Musical' Fans to Watch Out for Virus-Laden Downloads
Absolute Software's Tips For Securing Your Laptop While Traveling
EV SSL Certificate Adoption Gains Momentum
OpenLiberty.org Releases Open-Source Identity Governance Framework Software
Gordon Eubanks Joins Perimeter eSecurity's Board of Directors
Unified Vulnerability Management Provider Rapid7 Fills Out Executive Team
Marshal8e6 Releases Comprehensive Content Filtering for Internal Email
University of Texas at San Antonio Institute for Cyber Security Launches Internet Security Incubator
Finjan Raises $22 Million in Investment Round
Secerno Teams With F5 Networks on Database Security
LegitScript Shuts Down 500 No-Prescription-Required Online Pharmacies
Web Malware Jumps 21% in October: Report
McAfee Completes Secure Computing Acquisition
Titus Labs Unveils Email Classification Tool For Increased Data
Check Point Upgrades UTM-1 Edge Security Appliances
FireEye IDs 450,000-Plus Srizbi Bots Attempting To Connect To Now-Defunct McColo Hosted C&C Servers
Engate Technology Introduces Hosted Email Security And Anti-Botnet Service
Symantec CEO John W. Thompson Announces Retirement
GFI Taps Acronis' Walter Scott As CEO
Trend Micro Releases Email Encryption Gateway 5.0
Network Security Solutions Provider AEP Networks Acquires Communications Provider Vados Systems
Panasonic Lowers Price For Iris Recognition System
Symantec Completes Acquisition of MessageLabs
WinMagic Expands Relationship With Seagate For Endpoint Encryption Tools
Sipera VIPER Lab Releases UCSniff To Test for Targeted VoIP Eavesdropping
Klocwork Intros Source Code Analysis Tool For Android Application Developers
Top 5 Industries At Greatest Risk Of Web-Based Malware
Q1 Labs Rolls Out Free Version Of Log Management Appliance
Georgian Bank Selects Mi5 Networks' Webgate Appliance For Gateway Protection
NovaShield Aims Antimalware Software At SMBs, Consumers
Blue Coat Appliances To Power Sprint's Managed Security Services
Gizmox Dares Hackers to Break Into Visual WebGui App
EU Agency Explores Ways To Protect Citizens' Privacy
Phishers Launch Scam On Twitter Users
New GA Law Forces Sex Offenders to Hand Over Their Internet Passwords
Hundreds of Israeli Websites Hacked in 'Propaganda War'
MORE KEYHOLE
ENTERPRISE VULNERABILITIES
Vulnerability:courtier-authlib
Published:2008-12-22
Severity:Medium
Description:SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
Published:2008-12-22
Severity:Medium
Description:SQL injection vulnerability in authpgsqllib.c in Courier-Authlib before 0.62.0, when a non-Latin locale Postgres database is used, allows remote attackers to execute arbitrary SQL commands via query parameters containing apostrophes.
Vulnerability:skype extension for firefox
Published:2008-12-22
Severity:Medium
Description:The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attackers to write arbitrary data to the clipboard via a string argument.
Published:2008-12-22
Severity:Medium
Description:The skype_tool.copy_num method in the Skype extension BETA 2.2.0.95 for Firefox allows remote attackers to write arbitrary data to the clipboard via a string argument.
Vulnerability:konqueror
Published:2008-12-22
Severity:Medium
Description:HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
Published:2008-12-22
Severity:Medium
Description:HTMLTokenizer::scriptHandler in Konqueror in KDE 3.5.9 and 3.5.10 allows remote attackers to cause a denial of service (application crash) via an invalid document.load call that triggers use of a deleted object. NOTE: some of these details are obtained from third party information.
Vulnerability:opensolaris, solaris
Published:2008-12-22
Severity:Medium
Description:The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.
Published:2008-12-22
Severity:Medium
Description:The name service cache daemon (nscd) in Sun Solaris 10 and OpenSolaris snv_50 through snv_104 does not properly check permissions, which allows local users to gain privileges and obtain sensitive information via unspecified vectors.
Vulnerability:kernel
Published:2008-12-22
Severity:Medium
Description:libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
Published:2008-12-22
Severity:Medium
Description:libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
|
