Commerce Department Wants Companies to Publish Ingredients of their Software

The Commerce Department is trolling around the RSA conference trying to get companies to publish the ingredients in their software – the so-called bill of materials that I have written about before – so that users can understand what libraries are being loaded. The […]
As people use their mobile devices as what one friend used to call a “pocket super computer” as opposed to something where you dial 7 digits (remember that) and talk to someone, hackers have figured out that the new attack vector is your phone. In part, this is due to the fact that finally, after […]
Adobe seems to have trouble catching a break sometimes. Today they released an emergency patch for a vulnerability in the ColdFusion application that Adobe bought in 2005. The bug allows an attacker to bypass the file upload restrictions, upload a malicious executable and then get the target system to execute […]
Just ONE day after the announcement of the NINETEEN YEAR OLD bug in the very popular WinRAR utility, Check Point Software found examples of it being exploited in the wild. Given that the vast majority of the 500 million copies will likely NEVER be patched and the fact that the bug allows the hacker to take […]
Many employees are at least curious about their next job. That is the basis for this attack. The attacker sends LinkedIn direct messages from a legitimate LinkedIn account. If that doesn’t appeal to the target, the attacker sends emails to the target’s business email address suggesting a job offer. The links in the email point […]
I wrote a while back about hackers that had compromised a law firm and its customer Hiscox insurance – or, said differently, Hiscox and its vendor. The law firm was handling claims related to 9/11 (almost 20 years later and still litigating!). A lot of law firms (certainly not all) have not figured out that […]