HyperGressive Technologies - Information Security Systems, No Boundaries Networking

Vuln: Pligg CMS 'status' Parameter SQL Injection Vulnerability Pligg CMS 'status' Parameter SQL Injection Vulnerability [from SecurityFocus Vulnerabilities] SANSFIRE 2011 SANSFIRE 2011 [from SANS Information Security Reading Room] Risk Assessment of Social Media Categories: Digital Privacy,Risk ManagementPaper Added: May 16, 2012 [from SANS Information Security Reading Room] Shedding Light on Security Incidents Using Network Flows Categories: Incident Handling,Logging Technology and Techniques,Network DevicesPaper Added: May 16, 2012 [from SANS Information Security Reading Room] In-house Penetration Testing for PCI DSS Category: CompliancePaper Added: May 11, 2012 [from SANS Information Security Reading Room] Bugtraq: H2HC Brazil 9th Edition - Call for Papers H2HC Brazil 9th Edition - Call for Papers [from SecurityFocus Vulnerabilities] A Regular Expression Search Primer for Forensic Analysts Category: ForensicsPaper Added: April 24, 2012 [from SANS Information Security Reading Room] Bugtraq: SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd ... SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149 [from SecurityFocus Vulnerabilities] Diskless Cluster Computing: Security Benefit of oneSIS and Git Categories: Best Practices,Digital Privacy,Cloud ComputingPaper Added: April 16, 2012 [from SANS Information Security Reading Room] Bugtraq: Re: [oss-security] CVE Request: Planeshift buffer overflow Re: [oss-security] CVE Request: Planeshift buffer overflow [from SecurityFocus Vulnerabilities] Detailed Analysis Of Sykipot (Smartcard Proxy Variant) Category: Malicious CodePaper Added: April 16, 2012 [from SANS Information Security Reading Room] Bugtraq: Re: [oss-security] CVE Request: Planeshift buffer overflow Re: [oss-security] CVE Request: Planeshift buffer overflow [from SecurityFocus Vulnerabilities] Remote Access Point/IDS Category: Wireless AccessPaper Added: April 10, 2012 [from SANS Information Security Reading Room] Vuln: Scalable Vector Graphics (SVG) Arbitrary Code Execution Vulnerability Scalable Vector Graphics (SVG) Arbitrary Code Execution Vulnerability [from SecurityFocus Vulnerabilities] Vuln: Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability [from SecurityFocus Vulnerabilities] Vuln: FFmpeg libavcodec 'vmd decode()' Heap Based Buffer Overflow Vulnerability FFmpeg libavcodec 'vmd decode()' Heap Based Buffer Overflow Vulnerability [from SecurityFocus Vulnerabilities] MS12-034 - Critical : Combined Security Update for Microsoft Office, Windows,... [from Microsoft Security Content: Comprehensive Edition] In the eye of the storm, better bandwidth through bonding For Paulding County, Ga., bonding three cellular channels together provides multimegabit bandwidth for its mobile command center without the expense of a satellite link. [from Government Computer News: Homeland Security] Even with good cell service, emergency crews might need satellite Paulding County, Ga., gets good broadband connectivity over cellular service for its mobile command center, but it is considering satellite communications as a backup service. [from Government Computer News: Homeland Security] MS11-100 - Critical : Vulnerabilities in .NET Framework Could Allow Elevation... [from Microsoft Security Content: Comprehensive Edition] Summary for May 2012 - Version: 2.0 [from Microsoft Security Content: Comprehensive Edition] MS12-035 - Critical : Vulnerabilities in .NET Framework Could Allow Remote Co... [from Microsoft Security Content: Comprehensive Edition] DHS R&D program has a disconnect with first responders' needs, House panel told The department has a program to help develop technology for first responders, but matching the money with state and local agencies' requirements has proved difficult. [from Government Computer News: Homeland Security] MS12-031 - Important : Vulnerability in Microsoft Visio Viewer 2010 Could All... [from Microsoft Security Content: Comprehensive Edition] MS12-032 - Important : Vulnerability in TCP/IP Could Allow Elevation of Privi... [from Microsoft Security Content: Comprehensive Edition] MS12-033 - Important : Vulnerability in Windows Partition Manager Could Allow... [from Microsoft Security Content: Comprehensive Edition] Microsoft Security Advisory (2695962): Update Rollup for ActiveX Kill Bits - ... [from Microsoft Security Content: Comprehensive Edition] Spear-phishing attacks hit gas pipeline networks DHS alerts operators that "tightly focused" attacks, ongoing since at least December, have compromised a number of organizations. [from Government Computer News: Homeland Security] FCC's 5-step plan for deploying Next-Gen 911 The Federal Communications Commission's road map for the transition to a new generation of 911 services starts with location accuracy. [from Government Computer News: Homeland Security] 911 services face an emergency of their own People are moving quickly to mobile devices and relying on text and video rather than voice. Can Next-Gen 911 catch up? [from Government Computer News: Homeland Security] Facebook offers Microsoft Security Essentials as a security solution We’re very excited to announce that Microsoft has teamed up with Facebook to offer Windows users free malware protection with Microsoft Security Essentials. Since May 1st, Facebook users have had the choice of downloading and installing Microsoft ... [from Microsoft Malware Protection Center] WWI 'dazzle paint' fools face recognition scanners An artist finds that the same approach used in World War I to confound the rangefinders on attacking ships will prevent a facial scanner from recognizing you. [from Government Computer News: Homeland Security] An interesting case of Mac OSX malware In June 2009, Microsoft issued security update MS09-027, which fixed a remote code execution vulnerability in the Mac version of Microsoft Office. Despite the availability of the bulletin (and the passage of time), not every machine is up to date ... [from Microsoft Malware Protection Center] A tangled web... The moment of infection, and the circumstances that lead to the introduction of malware to a system, are often not obvious. This short case study examines our observations and investigations into a particular example that illustrates a fairly typi... [from Microsoft Malware Protection Center] SIRv12: The obstinacy of Conficker Conficker is one of the most significant threat families facing organizations worldwide today; its initial impact along with its continued obstinacy shows that clearly. In the fourth quarter of 2011 – three years after its initial release – it att... [from Microsoft Malware Protection Center] Analysis of the Eleonore exploit pack shellcode '?Eleonore' is a malware package that contains a collection of exploits used to compromise web pages. When the compromised web pages are viewed via vulnerable systems, the exploit payload is run. Eleonore is purchased by an attacker from an underg... [from Microsoft Malware Protection Center] Revenge of the Reveton Computer users around the world are increasingly accustomed to managing their bank accounts, paying their bills and performing other activities online. The use of technology to manage finances has long been a target of attackers, and malware autho... [from Microsoft Malware Protection Center] MSRT April 2012: Win32/Claretore We included three threat families in the April edition of the Microsoft Malicious Software Removal Tool - Win32/Claretore, Win32/Bocinex and Win32/Gamarue. In this post, we discuss Win32/Claretore. The earliest reported variant in this family can ... [from Microsoft Malware Protection Center] Microsoft and partners disrupt Zeus botnets We have discussed in the past our collaboration with external parties to combat botnet threats to further the betterment of the Internet, such as Operations b49, b107 and b79. This week, Microsoft has partnered with security experts and the financ... [from Microsoft Malware Protection Center]