NIST Site Search
Search NIST.GOV
Custom Search
[Official NIST.GOV TIME]
Product Research

Advertise on this site
Conflicker Worm - April Fools Day Likely To Make Fools Out Of Us Either Way
The "Conflicker" worm is set to trigger on April 1st. This one is certainly getting a lot of press. If it goes off and causes a lot of harm everyone will look like fools for not taking it seriously. But if everyone spends tons of additional time and effort on detection and prevention and nothing happens you'll still look foolish. We've included links to basic prevention and removal information below.No Longer Supported

[ Read the rest of the article... ]
Posted by NIST.org on Monday 30 March 2009 - 21:21:27 | |printer friendly
Translate to: {GOOGLETRANS}
Google Ads




Headlines

»CVE-2014-9767 (hhvm, php)
Directory traversal vulnerability in the ZipArchive::extractTo function in ext/zip/php_zip.c in PHP ...
»CVE-2015-5714 (wordpress)
Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject ...
»CVE-2015-5715 (wordpress)
The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPr ...
»CVE-2015-7557 (librsvg)
The _rsvg_node_poly_build_path function in rsvg-shapes.c in librsvg before 2.40.7 allows context-dep ...
»CVE-2015-7558 (librsvg)
librsvg before 2.40.12 allows context-dependent attackers to cause a denial of service (infinite loo ...
»CVE-2015-7989 (wordpress)
Cross-site scripting (XSS) vulnerability in the user list table in WordPress before 4.3.1 allows rem ...
»CVE-2015-8558
The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to c ...
»CVE-2015-8834 (wordpress)
Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows r ...
»CVE-2015-8865 (mac_os_x, php)
The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP ...
»CVE-2015-8866 (php)
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isol ...
»CVE-2015-8867 (php)
The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before ...
»CVE-2015-8876 (php)
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not v ...
»CVE-2015-8877 (libgd, php)
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before ...
»CVE-2015-8878 (php)
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread s ...
»CVE-2015-8879 (php)
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior fo ...


Date published: 2016-05-25T04:50:00Z
Details

»Adobe Releases Security Update for Adobe Connect
Original release date: May 23, 2016 Adobe has released a security update to address a vulnera ...
»VMware Releases Security Updates
Original release date: May 18, 2016 VMware has released security updates to address vulnerabi ...
»Cisco Releases Security Updates
Original release date: May 18, 2016 Cisco has released security updates to address vulnerabil ...
»Symantec Releases Security Update
Original release date: May 16, 2016 Symantec has released Anti-Virus Engine 20151.1.1.4 to ad ...
»Apple Releases Multiple Security Updates
Original release date: May 16, 2016 Apple has released security updates for tvOS, iOS, watchO ...
»Adobe Releases Security Updates for Flash Player
Original release date: May 12, 2016 Adobe has released security updates to address vulnerabil ...
»Google Releases Security Update for Chrome
Original release date: May 11, 2016 Google has released Chrome version 50.0.2661.102 to addre ...
»Adobe Releases Security Updates
Original release date: May 10, 2016 | Last revised: May 11, 2016 Adobe has released security ...
»Microsoft Releases May 2016 Security Bulletin
Original release date: May 10, 2016 Microsoft has released 16 updates to address vulnerabilit ...
»WordPress Releases Security Update
Original release date: May 09, 2016 WordPress 4.5.1 and prior versions are affected by two vu ...


Date published: not known
Details

»Advertisements on Blogspot sites lead to support scam
Support scam pop-ups presented through malicious advertisements sho ...
»To make Tor work better on the web, we need to be honest about it
Many websites put barriers in front of visitors who use the Tor net ...
»Paper: How It Works: Steganography Hides Malware in Image Files
A new paper by CYREN researcher Lordian Mosuela takes a close look ...
»Paying a malware ransom is bad, but telling people to never do it is unhelpful advice
The current ransomware plague is one of the worst threats the Inter ...
»VB2015 paper: VolatilityBot: Malicious Code Extraction Made by and for Security Researchers
In his VB2015 paper, Martin Korman presented his 'VolatilyBot' tool ...
»VB2016 programme announced, registration opened
We have announced 37 papers (and four reserve papers) that will be ...
»New tool helps ransomware victims indentify the malware family
The people behind the MalwareHunterTeam have released a tool that h ...
»It's fine for vulnerabilities to have names — we just need not to take them too seriously
The PR campaign around the Badlock vulnerability backfired when it ...
»Blog Throwback Thursday: The Number of the Beasts
The Virus Bulletin Virus Prevalence Table, which ran from 1992 unti ...


Date published: not known
Details
Main Menu
· Home
Current Security News
 
US-CERT Current Activity

» Adobe Releases Security Update for Adobe Connect
[23 May 2016 01:44pm]

» VMware Releases Security Updates
[18 May 2016 03:20pm]

» Cisco Releases Security Updates
[18 May 2016 12:30pm]

» Symantec Releases Security Update
[16 May 2016 09:37pm]

» Apple Releases Multiple Security Updates
[16 May 2016 04:32pm]

» Adobe Releases Security Updates for Flash Player
[12 May 2016 11:39am]

» Google Releases Security Update for Chrome
[11 May 2016 03:59pm]

» Adobe Releases Security Updates
[10 May 2016 01:10pm]

» Microsoft Releases May 2016 Security Bulletin
[10 May 2016 01:07pm]

» WordPress Releases Security Update
[09 May 2016 11:08am]

***
US-CERT Alerts

» TA16-144A: WPAD Name Collision Vulnerability
[23 May 2016 05:38am]

» TA16-132A: Exploitation of SAP Business Applications
[11 May 2016 05:31am]

» TA16-105A: Apple Ends Support for QuickTime for Windows; New Vulnerabilities Announced
[14 Apr 2016 01:48pm]

» TA16-091A: Ransomware and Recent Variants
[31 Mar 2016 04:00pm]

» TA15-337A: Dorkbot
[03 Dec 2015 04:40pm]

» TA15-314A: Compromised Web Servers and Web Shells - Threat Awareness and Guidance
[10 Nov 2015 06:12pm]

» TA15-286A: Dridex P2P Malware
[13 Oct 2015 05:23am]

» TA15-240A: Controlling Outbound DNS Access
[28 Aug 2015 11:31am]

» TA15-213A: Recent Email Phishing Campaigns – Mitigation and Response Recommendations
[01 Aug 2015 04:01pm]

» TA15-195A: Adobe Flash and Microsoft Windows Vulnerabilities
[14 Jul 2015 05:13pm]

***
Computerworld Security

» IDG Contributor Network: Are you buried under your security data?
[25 May 2016 01:00pm]

» Faception can allegedly tell if you're a terrorist just by analyzing your face
[25 May 2016 09:56am]

» Top-level domain expansion is a security risk for business computers
[25 May 2016 08:32am]

» Apple hires mobile encryption pioneer amid encryption debate
[25 May 2016 04:49am]

» Do we need vendor allies in the malware arms race?
[24 May 2016 12:35pm]

» State officials worry about their ability to fight cyberattacks
[24 May 2016 10:32am]

» New DMA Locker ransomware is ramping up for widespread attacks
[24 May 2016 09:22am]

» 'Delayed' MacBook Pro 2016 to be thinner (says bored analyst)
[24 May 2016 05:30am]

» How data virtualization delivers on the DevOps promise
[23 May 2016 09:41am]

» A recently patched Flash Player exploit is being used in widespread attacks
[23 May 2016 09:32am]

» 100 thieves stole $12.7 million from ATMs in 2.5 hours
[23 May 2016 08:33am]

» Angry advertisers hope to seal fate of online ad fraud
[23 May 2016 07:10am]

» IDG Contributor Network: Encryption is the foundation of the new data center
[23 May 2016 04:30am]

» SWIFT asks customers to help it end a string of bank frauds
[23 May 2016 04:07am]

» Top 10 ways to retain IT security talent
[20 May 2016 01:10pm]

***
Microsoft Security Advisories

» 2880823 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 2.0
[18 May 2016 11:00am]

» 3155527 - Update to Cipher Suites for FalseStart - Version: 1.0
[10 May 2016 11:00am]

» 3152550 - Update to Improve Wireless Mouse Input Filtering - Version: 1.1
[22 Apr 2016 11:00am]

» 3137909 - Vulnerabilities in ASP.NET Templates Could Allow Tampering - Version: 1.1
[10 Feb 2016 11:00am]

» 2871997 - Update to Improve Credentials Protection and Management - Version: 5.0
[09 Feb 2016 11:00am]

» 3123479 - Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program - Version: 1.0
[12 Jan 2016 11:00am]

» 3109853 - Update to Improve TLS Session Resumption Interoperability - Version: 1.0
[12 Jan 2016 11:00am]

» 3118753 - Updates for ActiveX Kill Bits 3118753 - Version: 1.0
[12 Jan 2016 11:00am]

» 2755801 - Update for Vulnerabilities in Adobe Flash Player in Internet Explorer and Microsoft Edge - Version: 53.0
[05 Jan 2016 11:00am]

» 3057154 - Update to Harden Use of DES Encryption - Version: 1.1
[08 Dec 2015 11:00am]

» 3123040 - Inadvertently Disclosed Digital Certificate Could Allow Spoofing - Version: 1.0
[08 Dec 2015 11:00am]

» 3119884 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 1.0
[30 Nov 2015 11:00am]

» 3108638 - Update for Windows Hyper-V to Address CPU Weakness - Version: 1.0
[10 Nov 2015 11:00am]

» 3097966 - Inadvertently Disclosed Digital Certificates Could Allow Spoofing - Version: 2.0
[13 Oct 2015 11:00am]

» 2960358 - Update for Disabling RC4 in .NET TLS - Version: 2.0
[13 Oct 2015 11:00am]

***
WIRED

» A Car’s Computer Can ‘Fingerprint’ You in Minutes Based on How You Drive
[25 May 2016 10:24am]

» Security News This Week: Russia’s FindFace Face-Recognition App Is a Privacy Nightmare
[21 May 2016 05:00am]

» Gay Dating Apps Promise Privacy, But Leak Your Exact Location
[20 May 2016 05:00am]

» Chelsea Manning’s Appeal Took Three Years to File. Here’s Why
[19 May 2016 05:49pm]

» New Surveillance System May Let Cops Use All of the Cameras
[19 May 2016 05:00am]

» With Allo and Duo, Google Finally Encrypts Conversations End-to-End
[18 May 2016 01:23pm]

» That Insane, $81M Bangladesh Bank Heist? Here’s What We Know
[17 May 2016 05:00am]

» Everything We Know About How the FBI Hacks People
[15 May 2016 05:00am]

» Security News This Week: It’s Tech Versus the Government, Yet Again
[14 May 2016 05:00am]

» OkCupid Study Reveals the Perils of Big-Data Science
[14 May 2016 05:00am]

***
Network World Security

» Google’s Trust API: Bye-bye passwords, hello biometrics?
[25 May 2016 02:06pm]

» 5 active mobile threats spoofing enterprise apps
[25 May 2016 12:26pm]

» Regulators: cybersecurity poses biggest risk to global financial system
[25 May 2016 12:25pm]

» IDG Contributor Network: How to use Anycast to provide high availability to a RADIUS server
[25 May 2016 10:58am]

» SIEM review: Splunk, ArcSight, LogRhythm and QRadar
[09 May 2016 02:00pm]

» What users love (and hate) about 4 leading firewall solutions
[25 Apr 2016 01:48pm]

» 10 no-cost home security mobile apps worth a download
[01 Apr 2016 06:39am]

» 7 VPN services for hotspot protection
[14 Mar 2016 04:00am]

» Review: Consider VPN services for hotspot protection
[14 Mar 2016 04:00am]

» Review: 5 application security testing tools compared
[01 Mar 2016 01:29pm]

» Skyport eases the pain of deploying and securing remote servers
[29 Feb 2016 04:00am]

» Review: 8 password managers for Windows, Mac OS X, iOS, and Android
[24 Feb 2016 05:58am]

» What users love (and hate) about 4 leading identity management tools
[22 Feb 2016 06:52am]

» 5 active mobile threats spoofing enterprise apps
[25 May 2016 12:26pm]

» Regulators: cybersecurity poses biggest risk to global financial system
[25 May 2016 12:25pm]

***


More IT Security
News Feeds
More Sponsors

Advertise on this site
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Welcome
Username:

Password:




Remember me

[ ]

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.
{THEMEDISCLAIMER}