NIST IT Security: Search

NIST Site Search

Product Research

Advertise on this site

Headlines

eEye Digital Security - Zero-Day Tracker

»	Excel Invalid Object A remote code execution vulnerability exists within Microsoft Excel which may allow for a remote att ...
»	Adobe PDF Buffer Overflow A vulnerability exists within Adobe Acrobat that allows an attacker to execute arbitrary code on a v ...
»	Creative Software AutoUpdate Engine ActiveX stack buffer overflow The Creative Software AutoUpdate Engine ActiveX control is a component that provides automatic updat ...
»	Internet Connection Sharing DoS A denial of service vulnerability exists within the Internet Connection Sharing service in Microsoft ...
»	RPC Memory Exhaustion The three referenced exploits take advantage of an inherent problem in RPC, in which an attacker get ...

Date published: Tue, 9 Mar 2010 20:46:00 PST
Details

SecurityFocus News

»	News: Twitter attacker had proper credentials Twitter attacker had proper credentials
»	News: PhotoDNA scans images for child abuse PhotoDNA scans images for child abuse
»	News: Conficker data highlights infected networks Conficker data highlights infected networks >> Advertisement << Can you ...
»	News: Popular apps need better patching, says report Popular apps need better patching, says report
»	Brief: Google offers bounty on browser bugs Google offers bounty on browser bugs

Date published: not known
Details

ha.ckers.org web application security lab

»	RSA Conference Wrapup Well another RSA Conference has come and gone. Lots of vendor noise about their product being the o ...
»	Facebook Patents Social Feeds and I Patent XSS In honor of the USPO’s decision to allow Facebook’s patent for social feeds I decided to ...
»	Banks, Businesses, Viruses and the UCC There’s an interesting post over at Krebs On Security talking about some poor company that is ...
»	Google Buzz Security Flaw … Speaking of Google, I got an email from TrainReq (the same fellow who allegedly hacked Miley ...
»	Nevermind, I Was Wrong, Google Is Evil I’ve been waiting a while to do this post - several weeks actually since my original post. In ...
»	Phishing With Google Wave Hat tip to cyberlocksmith for this post. He pointed me to a good article on how to phish Google Wav ...

Date published: not known
Details

US-CERT Current Activity

»	Microsoft Releases March Security Bulletin
»	Energizer DUO USB Battery Charger Software Allows Remote System Access
»	Cisco Releases Multiple Security Advisories
»	Microsoft Releases Advance Notification for March Security Bulletin
»	U.S. Census Bureau 2010 Census Campaign Warning
»	Microsoft Re-Releases Security Bulletin MS10-015
»	Microsoft Releases Security Advisory to Address VBScript Vulnerability
»	Adobe Releases a Security Update for Download Manager
»	Mozilla Releases Security Advisories
»	Cisco Releases Multiple Security Advisories

Date published: not known
Details

DOE-CIRC Updates

»	T-323: Microsoft Security Advisory (981374) Microsoft Security Advisory (981374)
»	T-322: March Patch Tuesday Notes March Patch Tuesday Notes
»	T-321: Energizer DUO USB battery charger software allows unauthorized remote system access Energizer DUO USB battery charger software allows unauthorized remote system access
»	T-320: Apache 2.2.14 mod_isapi Dangling Pointer Apache 2.2.14 mod_isapi Dangling Pointer
»	T-319: Apache Multiple Security Vulnerabilities Apache Multiple Security Vulnerabilities
»	T-318: Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
»	T-317: Vulnerability in VBScript Could Allow Remote Code Execution Vulnerability in VBScript Could Allow Remote Code Execution
»	T-316: Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
»	T-315: PHP 5.2.13 Security Update PHP 5.2.13 Security Update
»	T-314: Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
»	T-313: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerabi ...
»	T-312: Adobe Download Manager Unspecified Arbitrary File Download Vulnerability Adobe Download Manager Unspecified Arbitrary File Download Vulnerability
»	T-311: Microsoft Windows SMB Client Race Condition Remote Code Execution Vulnerability Microsoft Windows SMB Client Race Condition Remote Code Execution Vulnerability
»	T-310: Mozilla Firefox Multiple Remote Memory Corruption Vulnerabilities Mozilla Firefox Multiple Remote Memory Corruption Vulnerabilities
»	T-309: Mozilla Firefox Unspecified Remote Code Execution Vulnerability Mozilla Firefox Unspecified Remote Code Execution Vulnerability

Date published: not known
Details

Virus Bulletin news

»	Morphing PDFs in new SEO poisoning trick Harmless documents replaced by web pages containing malicious code.
»	Botnet taken down as ringleaders are arrested 'Mariposa' included almost 13 million zombies.
»	March issue of VB published The March issue of Virus Bulletin is now available for subscribers to download.
»	Spammers move from China to Russia Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
»	Nearly 20% still running IE 6 VB poll finds users still running outdated browser despite campaigns to boycott it.
»	Out-of-band patch release from Adobe Unscheduled update released by Adobe.

Date published: not known
Details

DarkReading - All Stories

»	Voluntary Breach Disclosure Rare But Valuable Most organizations won't go public about an attack unless they have to, but security experts say the ...
»	Ford Motor Rolls Out New Security Features To Prevent Car-Hacking Auto-maker enhances security for new lines of WiFi-enabled vehicles
»	Product Watch: Gemalto Rolls Out Secure Online Banking On A Stick USB thumb drive helps protect against man-in-the middle attacks
»	Botnets Serving Project Aurora Likely Built By "Amateurs," Researcher Says Rumors of sophistication in China's botnet attacks on Google, others were exaggerated, Damballa expe ...
»	New Massachusetts Data Privacy Law Adds Incentive For Strong Database Security Massachusetts Data Privacy Law went into effect on March 1 and focuses on prevention

Date published: not known
Details

Search NIST IT Security

Results 1 - 5 of 5 in Content

NIST SP 800-83 Guide to Malware Incident Prevention and Handling
...n horses, malicious mobile code, blended attacks, spyware tracking cookies. It also addresses attacker tools such as backdoors and rootkits. The rec...
Posted on Saturday 14 January 2006 - 22:00:00 in

VirusTotal will scan a file for free using 22 different virus / spyware checkers
Review of VirusTotal.com, a free service that scans your submitted files using 22 different spyware and virus checkers. Virustotal is a service that a...
Posted on Sunday 18 December 2005 - 22:00:00 in

NIST SP 800-69 (draft) Guidance for Securing Microsoft Windows XP Home Edition
...tections include such as: antivirus software, antispyware software, a personal firewall, limited user accounts, and automatic software updates, to sec...
Posted on Monday 14 August 2006 - 21:44:16 in

"Drop My Rights" - method to reduce harm while web surfing
...websites known to install spyware or viruses and look at the results. See the full paper at SecurityFocus.com, complete with test results.
Posted on Sunday 04 December 2005 - 23:50:12 in

SANS.ORG "Tools for Defense In-Depth" Poster
...i-spyware software when your corporation has a firewall you can show them why (you know they all claim to be \"visual\" learners)!
Posted on Tuesday 29 November 2005 - 22:00:00 in

Results 1 - 1 of 1 in Links

Computer Help | Tech Support Guy
Excellent forum where you can get quick answers to questions. Lots of Spyware help
http://www.techguy.org

Results 1 - 10 of 42 in News

Free Online Antivirus, Spyware, and Firewall Scanners Review
You might be doing everything right with your anti-virus and spyware malware protection. But no product is perfect and a "second opinion" is always v...
Posted on Monday 04 May 2009 - 21:16:00

Spyware Makers Targeting Enterprises Users
The well known antivirus and security software company Panda Software is reporting that targeted spyware attacks against corporate users are becoming ...
Posted on Monday 23 January 2006 - 18:12:41

The bi-yearly Anti-Virus / Anti-Malware Test Results Are In.
...est results. *NIST.org - Free Online Antivirus, Spyware, and Firewall Scanners Reviewed Share or Bookmark this Article Using: include'/hom...
Posted on Thursday 01 March 2007 - 21:34:01

Microsoft Says Recovery from Malware Becoming Impossible
...n you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch." // @@@malware, rootkit, spywar...
Posted on Friday 07 April 2006 - 21:32:49

AMD's Tech Support Forum Serving Exploited WMF files
...s like profit was the motivation since a Adware / Spyware toolbar was installed (drive-by style) on people's computers. According to F-Secure's Mikko ...
Posted on Monday 30 January 2006 - 22:39:19

NIST.org reviews free Virus and Malware scanner
VirusTotal.com provides a completely free service that scans files you upload for viruses, spyware and other malware. The site doesn't require regist...
Posted on Monday 19 December 2005 - 21:50:32

Commercial spyware using rootkit techniques to avoid removal
...ht technology has exposed is installed by Apropos spyware, which plagues users with popup windows. "The reason for Apropos to use rootkit techniq...
Posted on Friday 16 December 2005 - 10:54:45

Spyware now represents over 66% of all malicious software threats
According to the 2005 Security Threat Management Report from antivirus software company Sophos PLC spyware is now the biggest malicious software theat...
Posted on Wednesday 07 December 2005 - 20:26:45

Review of Secunia's “Software Inspector” - Detects Insecure Application Versions
... Scanning is free and the scanner installs no spyware, adware, or anything permanent on your computer. Secunia is a well respected security compan...
Posted on Wednesday 24 January 2007 - 16:47:34

2nd 0-day MS Explorer / Outlook Exploit in the Wild (VML Buffer Overflow)
...t in the wild. It is currently being used to push spyware and to create botnet zombies. This is the 2nd 0day IE exploit so far this month. Rated Extre...
Posted on Thursday 21 September 2006 - 14:52:39

Go to page >>

Results in Forum

No matches found

Results in Comments

No matches found

Results 1 - 2 of 2 in Other Pages

NIST Book Store
...mputer Forensics »Ethical Hacking »Malware, Spyware, Viruses »FISMA Compliance, Policies, etc »PKI, Encryption, Smartcards »Windows Sec...
Posted on Friday 17 November 2006 - 13:52:10

NIST Security Picks
Top Security Picks: Spampal - Free SPAM Control Kerio - Personal Firewall CounterSpy - Anti-Spyware NOD32 - Antivirus ...
Posted on Friday 31 March 2006 - 13:47:45

Results in Bugtracker2

No matches found

Translate to:

Latest NIST.org news and comments

NIST Computer Security Division Released Special Publication 800-38E Posted on:01/25/10

DRAFT Special Publication 800-37 Revision 1 Available Posted on:11/17/09

News Blog: "Mass Panic! The iPhone Has a Vulnerability" Posted on:07/30/09

First ZeroDay Exploit Hits Firefox Posted on:07/20/09

"FBI Probes Hacker's $10 Million Ransom Demand for Stolen Virginia Medical Records" Posted on:05/06/09

Free Online Antivirus, Spyware, and Firewall Scanners Review Posted on:05/04/09

Conflicker Worm / Botnet Downloads Mystery Payload – April 9th update Posted on:04/09/09

Conflicker Worm - April Fools Day Likely To Make Fools Out Of Us Either Way Posted on:03/30/09

ESET NOD32 False Positive for Kryptik.JX Causing Problems Posted on:03/09/09

New Report Shows 92 Percent of Critical Microsoft Vulnerabilities are Mitigated by Eliminating Admin Rights Posted on:02/03/09

Federal Employees At Risk Again From Monster.com Compromise Posted on:01/25/09

Microsoft Windows Does Not Disable AutoRun Properly - Technical Cyber Security Alert TA09-020A Posted on:01/21/09

Internet Explorer XML Exploit Allows Remote Code Execution Posted on:12/14/08

Microsoft Has Released An Extremely Urgent Out of Band Windows Update Posted on:10/23/08

If You Haven't Patched Your DNS Server Yet You're Simply Negligent Posted on:08/06/08

Google Ads

NIST Security Books

NIST IT Security Books

Training / Books

»Security Certifications -
» CISSP, SSCP, Security+, etc.

»Computer Forensics

»Ethical Hacking

»Malware, Spyware, Viruses

»FISMA Compliance, Policies, etc

»PKI, Encryption, Smartcards

»Windows Security Guides

»HIPAA, SOX, CISP, etc.

NIST.org Security Bookstore

Current Security News

SANS Internet Storm Center, InfoCON: green

» Infocon: green

» What's My Firewall Telling Me? (Part 4), (Wed, Mar 10th)
[09 Mar 2010 08:37pm]

» Microsoft Security Advisory 981374 - Remote Code Execution Vulnerability for IE6 and IE7, (Wed, Mar 10th)
[09 Mar 2010 08:36pm]

» March 2010 - Microsoft Patch Tuesday Diary, (Tue, Mar 9th)
[09 Mar 2010 11:10am]

» Samurai WTF 0.8, (Mon, Mar 8th)
[09 Mar 2010 09:33am]

» Vodafone Android Phone: Complete with Mariposa Malware, (Tue, Mar 9th)
[09 Mar 2010 07:20am]

» Energizer Malware, (Tue, Mar 9th)
[09 Mar 2010 03:09am]

» SEO poisoning on TV show, (Mon, Mar 8th)
[08 Mar 2010 10:08am]

» Microsoft announced two important bulletins (fixing multiple vulns. affecting Windows and Office) for tomorrow: http://www.microsoft.com/technet/security/Bulletin/MS10-mar.mspx, (Mon, Mar 8th)
[07 Mar 2010 11:55pm]

***CNET News.com

» Malware found on HTC Android phone from Vodafone
[09 Mar 2010 01:40pm]

» Microsoft warns of zero-day IE hole on Patch Tuesday
[09 Mar 2010 12:48pm]

» Drudge Report accused of serving malware, again
[09 Mar 2010 10:31am]

» Backdoor found in Energizer Duo USB battery charger
[08 Mar 2010 10:10am]

» Police get Webcam pictures in school spy case
[06 Mar 2010 02:12pm]

» At RSA 2010, the secure and the insecure (photos)
[05 Mar 2010 03:04pm]

» RSA 2010: Taking on cyberthreats
[04 Mar 2010 05:09pm]

» Microsoft to fix eight Windows and Office holes
[04 Mar 2010 04:53pm]

» Symantec exhibit makes cybercrime tangible
[04 Mar 2010 04:52pm]

» 'Mission Impossible'-style heist hits N.J. Best Buy
[04 Mar 2010 12:18pm]

» Study lauds IE for blocking Web's social attacks
[04 Mar 2010 08:55am]

» McAfee: Source code is easy target within corporations
[03 Mar 2010 02:01pm]

» Study: Medical identity theft is costly for victims
[03 Mar 2010 06:00am]

» Spain arrests three accused of running huge botnet
[02 Mar 2010 05:10pm]

» Microsoft exec: Infected PCs should be quarantined (Q&A)
[02 Mar 2010 04:42pm]

***Computerworld Security News

» Twitter to begin screening some links for phishing
[09 Mar 2010 08:09pm]

» Ex-Sun chief dishes dirt on Gates, Jobs
[09 Mar 2010 06:06pm]

» Update: LifeLock to pay $12M to settle FTC, states' complaint
[09 Mar 2010 02:57pm]

» Microsoft skips patch for PowerPoint add-on
[09 Mar 2010 02:16pm]

» Microsoft warns of new IE bug; attacks under way
[09 Mar 2010 12:11pm]

» Bogus intranets scam university students
[09 Mar 2010 08:49am]

» More Security News

***GSO

» Netgear Router Hack Pt. 2 by Kenny
[01 Dec 2009 05:16pm]

» Netgear Router Hack Pt. 1 by Kenny
[01 Dec 2009 05:16pm]

***

More IT Security
News Feeds

More Sponsors

Advertise on this site

NIST - Books You Need

NIST Bookstore

RSS Feeds

Our news can be syndicated by using these rss feeds.

Add to NetVibes

Add to Bloglines

Add to NewsGator

Add to My Yahoo

Add to Technorati

Subscribe in FeedLounge

Add to ProtoPage

Symantec News

Welcome

Other News

News Release - LogLogic Announces FISMA Control and Compliance Suite Based On NIST For Government Organizations

Commercial spyware using rootkit techniques to avoid removal

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.