Vulnerability1. IBM Business Process Manager 7.x

Danger: Low

Availability Corrections: Yes
Number of vulnerabilities: 1
CVSSv2 Rating: (AV: N / AC: M / Au: N / C: P / I: N / A: N / E: U / RL: O / RC: C) =
CVE ID: CVE-2014-3087

Vector operation: LAN (Local area network)
Impact: Disclosure of sensitive data

Affected Products: IBM Business Process Manager 7.x Read the rest of this entry »

Security NewsIntelligence Gap: How a Chinese National Gained Access to Arizona’s Terror Center

The un-vetted computer engineer plugged into law enforcement networks and a database of 5 million Arizona drivers in a possible breach that was kept secret for years.

For five months in 2007, the Chinese national and computer programmer opened his laptop and enjoyed access to a wide range of sensitive information, including the Arizona driver’s license database, other law enforcement databases, and potentially a roster of intelligence analysts and investigators … Read the rest of this entry »

McAfee logoMcAfee has announced key enhancements to its Server Security Suites product portfolio, including the optimization of productivity and efficiency in order to improve the security of servers deployed in physical, virtualized and cloud environments.

The Server Security Suites product line updated include reliable systems servers which open up opportunities for business growth, whether it is physical, virtualized or cloud environment. McAfee has released the following list of innovations Server Security Suites:

  • Simplified initialization Security Virtual Appliance (SVA) through component NSX Composer for deployments MOVE AV (Agentless).
  • Increased visibility and control of network communications between virtual machines with the MOVE Agentless Firewall, implementing VMware vCloud Networking and Security (vCNS) – a solution based on a hypervisor for virtualized data centers.
  • Easier management of safety thanks to the new manager for the SVA-MOVE AV for the effective control and load capacity in virtualized environments.
  • Improved resource optimization for virtualized environments through the Enhanced Virus diagnosis and reduce the load on system resources.
  • Automatic detection and management of virtual machines when they are initialized in private and public clouds, thanks to two new connectors McAfee Data Center Connectors for Microsoft Azure and OpenStack in addition to existing for Amazon AWS and VMware vSphere.

Read the rest of this entry »

geotaggingMost smartphones these days have a camera as standard and they are becoming more and more advanced to compete with digital cameras. It also makes it much easier to share your photos and information via social networks instantly, as they can be uploaded directly from your phone. Newer digital cameras are now being developed to include these features as well, ensuring there is an easy way to access and share your photos.

When these photos are uploaded, they automatically contain geotags as part of the file. This enables you to pinpoint the exact location the photo was taken, as well as the date and time. It includes the longitude and latitude coordinates in the photograph to give an accurate location. These geotags add geographical information and identification to photos, videos, website links and SMS messages. The 10 digit grid coordinates are embedded into the file and can easily be accessed with the right software and tools. Read the rest of this entry »

mobile threatsClones and compromised legitimate apps are a concern for mobile users

Cybercriminals continue to attack mobile phones through new and devious tactics, using both malicious clones and legitimate apps as bait.

We’ve stepped into the technologically advanced future that we grew up hearing about for quite some time now and so far it has been great. Unfortunately, the cybercriminal lot is determined to spoil the fun for all of us. After haunting computer machines, primarily Windows computers, for over a decade, they seem to have turned much of their attention to smartphones, the Michael Jackson of technology (oh come on, who doesn’t love the moon-walking King of Pop?). Giving a completely new meaning to communications and entertainment, the cell phones of today leave very little to be desired, except for maybe a force-field to deflect all the malware targeting them. As if the situation wasn’t bad enough already, McAfee Labs has revealed in its quarterly threat assessment that cybercriminals are targeting mobile devices in newer and smarter ways than before. Read the rest of this entry »

Security NewsA critical vulnerability in Google allows access to the Google’s production servers

A Team of researchers discovered a critical XML External Entity (XXE) vulnerability on Google server that allows users to customize their toolbars with new buttons by uploading XML files containing layout properties. Sounds ridiculous but has been proven by the security researchers from Detectify.

Curious that the researchers used Google dorking to search for vulnerabilities within unpopular applications managed by Google, The Google Toolbar button gallery was the application that most of all attracted their attention.

The vulnerability resides in the Toolbar Button Gallery (as shown). The team of researchers found a loophole after they noticed that Google Toolbar Button Gallery allows users to customize their toolbars with new buttons. Read the rest of this entry »

ESET LogoESET Company has recently published a 69 page report containing the detailed analysis of an ongoing large-scale attack on servers running on Linux, FreeBSD and other Unix-like systems since 2011.

During the attack (the codename ‘Operation Windigo’) a group of cyber criminals has obtained control of more than 25,000 of servers in three years, 10,000 of which were brought down by tones of malware. Read the rest of this entry »

Billionaires Hackers ClubIt’s not a secret that many things in business depend on connections, and IT industry is no exception. Therefore, as a result of acquaintances a good number of prosperous projects emerged.

A striking example of cooperation is PayPal club: a group of familiar with each other PayPal former employees, have combined their efforts to call into existence a good bunch of extremely successful businesses, including Tesla Motors, LinkedIn, Palantir Technologies, SpaceX, YouTube, Yelp and Yammer. Four of them have become billionaires, which has probably made their friendship even stronger. Read the rest of this entry »

KeyloggerKeyloggers are a dangerous form of a malware that hackers often use to get people’s data. You will want to know what keyloggers are so that you can avoid them.

Surfing the Internet can be quite risky if you don’t understand all of the threats that you face. Keyloggers are one of the biggest cybersecurity threats. A hacker can easily install a keylogger on your system and steal your most sensitive information. You need to understand the dangers that keyloggers pose so that you can remove them from your computer or mobile device. Read the rest of this entry »

Android App Security5 Ways To Secure Your Next Android App

Android security has become a hot button issue among Android users and developers alike. While the Android platform does offer significantly more freedom when compared to iOS, BlackBerry and Microsoft operating systems, this freedom has a trade off; Android devices and applications have often been seen as far less secure than other options. For this reason, Android developers need to take special precautions when securing their applications. Read the rest of this entry »