NIST Site Search
Google
Web NIST.org
NIST.gov
Product Research

Advertise on this site
Headlines

»Excel Invalid Object
A remote code execution vulnerability exists within Microsoft Excel which may allow for a remote att ...
»Adobe PDF Buffer Overflow
A vulnerability exists within Adobe Acrobat that allows an attacker to execute arbitrary code on a v ...
»Creative Software AutoUpdate Engine ActiveX stack buffer overflow
The Creative Software AutoUpdate Engine ActiveX control is a component that provides automatic updat ...
»Internet Connection Sharing DoS
A denial of service vulnerability exists within the Internet Connection Sharing service in Microsoft ...
»RPC Memory Exhaustion
The three referenced exploits take advantage of an inherent problem in RPC, in which an attacker get ...

Date published: Tue, 16 Mar 2010 21:43:00 PST
Details

»News: Change in Focus
Change in Focus
»News: Twitter attacker had proper credentials
Twitter attacker had proper credentials
»News: PhotoDNA scans images for child abuse
PhotoDNA scans images for child abuse

>> Advertisement <<
Can you answe ...
»News: Conficker data highlights infected networks
Conficker data highlights infected networks
»Brief: Google offers bounty on browser bugs
Google offers bounty on browser bugs

Date published: not known
Details

»Conversations With a Blackhat
I’ve been spending more and more time talking to blackhats lately. Frankly, I think they̵ ...
»Using Parameter Pollution and Clickjacking to Aid Anti-CSRF Bypass
It’s been a while since I’ve talked about Clickjacking, with only a few exceptions here ...
»RSA Conference Wrapup
Well another RSA Conference has come and gone. Lots of vendor noise about their product being the o ...
»Facebook Patents Social Feeds and I Patent XSS
In honor of the USPO’s decision to allow Facebook’s patent for social feeds I decided to ...
»Banks, Businesses, Viruses and the UCC
There’s an interesting post over at Krebs On Security talking about some poor company that is ...
»Google Buzz Security Flaw
… Speaking of Google, I got an email from TrainReq (the same fellow who allegedly hacked Miley ...

Date published: not known
Details

»Apple Releases Safari 4.0.5
»Microsoft Releases March Security Bulletin
»Energizer DUO USB Battery Charger Software Allows Remote System Access
»Cisco Releases Multiple Security Advisories
»Microsoft Releases Advance Notification for March Security Bulletin
»U.S. Census Bureau 2010 Census Campaign Warning
»Microsoft Re-Releases Security Bulletin MS10-015
»Microsoft Releases Security Advisory to Address VBScript Vulnerability
»Adobe Releases a Security Update for Download Manager
»Mozilla Releases Security Advisories

Date published: not known
Details

»T-327: GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
GNU Tar and GNU Cpio Remote Buffer Overflow Vulnerability
»T-326: Oracle 11gR2 Multiple Remote Privilege Escalation Vulnerabilities
Oracle 11gR2 Multiple Remote Privilege Escalation Vulnerabilities
»T-325: Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication
Microsoft re-release of KB973811 - attacks on Extended Protection for Authentication
»T-324: Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
Samba 'CAP_DAC_OVERRIDE' File Permissions Security Bypass Vulnerability
»T-323: Microsoft Security Advisory (981374)
Microsoft Security Advisory (981374)
»T-322: March Patch Tuesday Notes
March Patch Tuesday Notes
»T-321: Energizer DUO USB battery charger software allows unauthorized remote system access
Energizer DUO USB battery charger software allows unauthorized remote system access
»T-320: Apache 2.2.14 mod_isapi Dangling Pointer
Apache 2.2.14 mod_isapi Dangling Pointer
»T-319: Apache Multiple Security Vulnerabilities
Apache Multiple Security Vulnerabilities
»T-318: Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
Drupal Prior to 6.16 and 5.22 Multiple Security Vulnerabilities
»T-317: Vulnerability in VBScript Could Allow Remote Code Execution
Vulnerability in VBScript Could Allow Remote Code Execution
»T-316: Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
Microsoft Windows Client/Server Run-time Subsystem Local Privilege Escalation Vulnerability
»T-315: PHP 5.2.13 Security Update
PHP 5.2.13 Security Update
»T-314: Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
Microsoft Windows ICMPv6 Router Advertisement Remote Code Execution Vulnerability
»T-313: Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability
Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerabi ...

Date published: not known
Details

»Estonian virus writer sent to jail
Author of Allapple virus sentenced.
»Morphing PDFs in new SEO poisoning trick
Harmless documents replaced by web pages containing malicious code.
»Botnet taken down as ringleaders are arrested
'Mariposa' included almost 13 million zombies.
»March issue of VB published
The March issue of Virus Bulletin is now available for subscribers to download.
»Spammers move from China to Russia
Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
»Nearly 20% still running IE 6
VB poll finds users still running outdated browser despite campaigns to boycott it.

Date published: not known
Details

»'Operation Aurora' Changing The Role Of The CISO
The targeted attacks out of China against Google and other U.S. firms have forced some chief informa ...
»Live Data In Test Environments Is Alive And Well -- And Dangerous
83 percent of financial firms use production data while developing and testing applications, so DBAs ...
»Iran Arrests 30 Accused Of U.S.-Backed 'Cyberwar'
Twenty-nine Websites in Iran hacked to prevent further espionage, Iranian government says
»Security Pros With Written Career Plans Make More Money
New survey shows half of security professionals are unhappy in their jobs and of those who move on, ...
»Product Watch: Kaspersky Lab Rolls Out Password Manager
Feature will also be bundled with upcoming all-in-one Internet security suite

Date published: not known
Details
Submit News Item
Login Name:
Email Address:

We are testing a feature that allows anonymous users to post news. All submissions will be reviewed by us before going live. Though anonymous submission allows you to post news without having to register first we recommend that you register or at least leave full contact information in your submission (let us know if you want it deleted from the live news article). Otherwise we will have to spend more time verifying your submission. If you are not currently registered at NIST.org simply enter your first name or a handle in the Login Name block. We prefer news and whitepapers of common interest, especially threats that have the potential to cause widespread problems. We would also like to see news regarding U.S. federal government compliance mandates. Before submitting, we recommend you take a moment to familiarize yourself with the type of material we publish. Not all submissions will be used and we reserve the right to edit. Thank You.

Category:
Subject:
News Item:
Translate to: French German Italian Spanish Portuguese GTM_LAN_DUTCH Russian Chinese Arabic Korean English
Google Ads




NIST Site Menu
·Home

NIST Security Books
NIST IT Security Books

Training / Books

»Security Certifications -
» CISSP, SSCP, Security+, etc.

»Computer Forensics

»Ethical Hacking

»Malware, Spyware, Viruses

»FISMA Compliance, Policies, etc

»PKI, Encryption, Smartcards

»Windows Security Guides

»HIPAA, SOX, CISP, etc.

NIST.org Security Bookstore
Current Security News
 
SANS Internet Storm Center, InfoCON: green

» Infocon: green

» Internet Explorer 9 "Platform Preview" Now Available From Microsoft, (Tue, Mar 16th)
[16 Mar 2010 03:09pm]

» Trouble Ticket Express Exploit in the Wild a Day After the Vulnerability Announcement, (Tue, Mar 16th)
[16 Mar 2010 08:11am]

» Spamassassin Milter Plugin Remote Root Attack, (Mon, Mar 15th)
[15 Mar 2010 08:07am]

» DST Issue in Windows 7 Ultimate?, (Sun, Mar 14th)
[14 Mar 2010 10:16am]

» Evil Sports Sites, (Sat, Mar 13th)
[14 Mar 2010 10:11am]

» Reminder: Daylight Saving Time starts tonight in several countries. See http://www.timeanddate.com/time/dst2010.html for more details., (Sun, Mar 14th)
[13 Mar 2010 05:12pm]

» Firebug 1.5.3 is out. See http://blog.getfirebug.com/2010/03/12/firebug-1-5-3/ , (Sat, Mar 13th)
[13 Mar 2010 03:56pm]

» A new version of Safari is out. Looks like for Mac and Windows. Plenty of security fixes (mostly for Windows Safari users http://support.apple.com/kb/HT4070 ), (Thu, Mar 11th)
[13 Mar 2010 11:37am]
***
CNET News.com

» Virtual PC hole could lead to attacks, security firm says
[16 Mar 2010 06:37pm]

» SEC: Stocks boosted via hijacked accounts
[16 Mar 2010 06:26pm]

» Breaking the Mariposa botnet (Q&A)
[16 Mar 2010 01:06pm]

» Internet safety video could win you $10,000
[16 Mar 2010 06:00am]

» Filling the digital landfills of our lives
[15 Mar 2010 04:55pm]

» U.S. Army worried about Wikileaks in secret report
[15 Mar 2010 12:43pm]

» Microsoft races to plug IE hole after exploit code released
[15 Mar 2010 11:00am]

» Report names 'enemies of the Internet'
[15 Mar 2010 10:57am]

» Privacy is not dead, says SXSWi keynoter Boyd
[13 Mar 2010 06:06pm]

» When malware strikes via bad ads on good sites
[12 Mar 2010 11:24am]

» ISP interruptions trip up Zeus botnet
[12 Mar 2010 08:41am]

» Researcher publishes exploit for new IE hole
[11 Mar 2010 09:28am]

» LimeWire enlists AVG for user protection
[10 Mar 2010 05:53pm]

» Twitter to block malicious links
[10 Mar 2010 02:07pm]

» WhitePages.com halts ad networks over malware
[10 Mar 2010 10:01am]
***
Computerworld Security News

» IRS, DOJ use social media sites to track deadbeats, criminal activity
[16 Mar 2010 02:41pm]

» Tweeps and Facebook Friends, Let's Smarten Up
[16 Mar 2010 12:34pm]

» Opinion: Maybe users aren't so funny after all
[16 Mar 2010 12:28pm]

» Why is cloud computing hard? Top tech execs explain
[16 Mar 2010 10:48am]

» Tighten up virtual server security, cautions Gartner
[16 Mar 2010 07:19am]

» McAfee service scans cloud environments for security vulnerabilities
[16 Mar 2010 01:44am]

» More Security News
***
GSO

» Netgear Router Hack Pt. 2 by Kenny
[01 Dec 2009 05:16pm]

» Netgear Router Hack Pt. 1 by Kenny
[01 Dec 2009 05:16pm]
***


More IT Security
News Feeds
More Sponsors

Advertise on this site
NIST - Books You Need

NIST Bookstore
RSS Feeds
Our news can be syndicated by using these rss feeds.
rss1.0
rss2.0
rdf
Add to NetVibes
Add to Bloglines
Add to NewsGator
Add to Google
Add to My Yahoo
Add to My MSN
Add to Technorati
Add to Pluckit
Add to My AOL
Subscribe in FeedLounge
Add to ProtoPage
Symantec News
Welcome
Username:

Password:


Remember me

[ ]
[ ]
[ ]
Other News

NIST.org is in no way connected to the U.S. government site NIST.gov

This site is © John Herron, CISSP. All Rights Reserved.

Please visit daily to stay up to date on all your IT Security compliance issues.

http://www.nist.org -
Hosted by BlueHost. We've never had a better hosting company.