Vuln: Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
Microsoft ISA Server Radius OTP Authentication Bypass Vulnerability
URL: http://www.securityfocus.com/bid/35631
If it’s about security, you heard it here first
BASE – 3 Persistent Cross Site Scripting Vulnerabilities
Posted by Jabra on May 30
BASE, a well-known Snort frontend, has 3 Persistent Cross Site Scripting Vulnerabilities.
For those who don’t know, Cross-Site Scripting allows the attacker to inject JavaScript to modify the functionality of the webpages. Since this vulnerability exists in [...]
Sprint’s CEO Rakes in $15.5M in Compensation
Dan Hesse, CEO at Sprint-Nextel Corp., took home a 30 percent bigger bonus for 2008 than expected, raking in $2.6 million. His overall compensation package came in at $15.5 million, with a base salary of $1.2 million.
Sprint shares have lost more than 70 percent of their value since [...]
Yet another company decides to get into the Mac cloning game
Psystar has had a rather lackluster showing in its attempt to sell unauthorized Mac clones—besides Apple suing the pants off the company, Psystar has also filed for bankruptcy after just a year in existence. Now, a new company in Los Angeles hopes to somehow escape [...]
Security update for Xvid
The Xvid developers have released version 1.2.2 of their MPEG-4 codec to fix three security-related issues. One of the flaws reportedly prevents a function of the xvidcore library from checking the resync marker range correctly.
In its short announcement, Xvid Solutions do not mention whether the flaws can be exploited for injecting code [...]
CIS releases security configuration standards for iPhone
The nonprofit Center for Internet Security (CIS) this week released free guidelines that can help organizations develop custom policies related to use of the increasingly popular mobile device, said Blake Frantz, CTO of the CIS. The benchmarks inform users about the security configuration settings available to them on the [...]
New Travel Rules for High-Tech IDs Take Effect June 1
New travel requirements go into effect June 1 at U.S. land and sea borders amid security concerns over an RFID-enabled passport card that has been approved for U.S. travelers.
The passport cards are being issued by the U.S. State Department under a program aimed at better securing [...]
The 5-step guide to fixing almost any PC problem
Troubleshooting is a curious skill. It’s part detective work, part methodical experimentation and part inspired guesswork, and part Zen Buddhism. That’s a lot of parts but you need them all to be able to sift through a list of symptoms, identify the fault, work out an appropriate remedy [...]
‘Pay With Facebook’ Is In The Wild
Earlier today, we wrote about Facebook updating its terms to get ready for the roll-out of its payment system. Well guess what, it’s already here.
The application GroupCard is currently testing the new payment system live for all accounts that have it installed. I included some screenshots below. It’s very [...]
Microsoft Silverlight vs Google Wave: Why Karma Matters
Inevitable comparisons are made between the hugely enthusiastic developer response (including from us at Zoho) to Google Wave yesterday with the relatively tepid response to Microsoft’s new search engine Bing. The real interesting contrast to us, as independent software developers, is the way developers responded to Silverlight as [...]
Electronic messages never really private
Cell phones, instant messages and global positioning satellites are everywhere. But awareness that information sent over these devices is traceable doesn’t seem to be.
“I think people, in their lazy behavior, think they’re communicating one on one,” said John Donovan, a technology expert whose company, Telecom Visions Inc., is based in Garden [...]
Embedded Devices: An Avenue for Cyberterrorism?, (Sat, May 30th)
There has been growing concern with the security of embedded devices as they continue to proliferate in several industries. This is caused by a confluence of several issues that makes for a difficult problem to solve.
First, these devices more and more rely on commodity operating [...]
Ca: Cinema ordered to pay $10K in damages for search
A Quebec court has ordered a cinema to pay $10,000 in damages after staff searched patrons’ bags and turned up smuggled snacks and birth control pills — and in the process violated their privacy rights.
Source – CTV.ca
via BoingBoing
URL: http://www.pogowasright.org/article.php?story=20090530190741593
4117
Threat Level (Privacy, Crime and Security Online): Obama Says Government Sanctions Unwarranted in Spy Case
The Obama administration refused to budge late Friday and agree to reveal state secrets in a lawsuit weighing whether a sitting president may lawfully bypass Congress and spy on Americans without warrants as President George W. Bush did following the 2001 [...]