Month: June 2012

1.5 Million Records Compromised In Global Payments Breach

v3.co.uk: Card processing firm Global Payments has provided more detail on the attack on its computer systems earlier this year, warning that the attackers may have had access to unspecified personal data. Global Payments confirmed the attackers had access to details of 1.5 million cards, but it said the attack had now been contained. Global …

1.5 Million Records Compromised In Global Payments Breach Read More »

LinkedIn spam, exploits and Zeus: a deadly combination ?

Is this the perfect recipe for a cybercriminal ?: Hacking LinkedIn’s password (and possibly user-) database. Sending an email to all obtained email addresses, which is urging you to check your LinkedIn inbox as soon as possible. A user unawarely clicking on the link. An exploit gets loaded. Malware gets dropped. Malware gets executed. User’s …

LinkedIn spam, exploits and Zeus: a deadly combination ? Read More »

Microsoft revises its certificate management

The H-Online: In response to the Flame worst-case scenario, Microsoft has now integrated a custom block list feature for its certificate store under Windows. The feature was deployed as part of this month’s Patch Tuesday. The Flame worm had spread via Windows Update feature by manipulating the certificates that were intended to protect Windows updates …

Microsoft revises its certificate management Read More »

Critical holes closed in Microsoft’s June Patch Tuesday

The H-Online: Microsoft has released seven security bulletins fixing a total of 27 security holes, 13 of them in Internet Explorer. The rest of the patches affect all currently supported Windows versions, the .NET Framework, Remote Desktop, Lync and Dynamics AX. A patch that had been announced for Visual Basic for Applications has yet to …

Critical holes closed in Microsoft’s June Patch Tuesday Read More »

Google closes persistent XSS holes in Gmail

The H-online: Google has closed several cross-site scripting (XSS) holes in its Gmail email service – which has more than 350 million active users – that could have allowed an attacker to inject a malicious client-side script into a victim’s system. Security researcher Nils Juenemann discovered the three different XSS vulnerabilities in Gmail and disclosed …

Google closes persistent XSS holes in Gmail Read More »

I don’t want to hear about flowers, I like death and destruction

I can’t stand to let them win, I’m just watching them, And I don’t know what to do, Feeling like a fool inside, Feeling all the hurt… Thought they were my friends. Never mind… Let’s talk about something else, What super-power you wished in your life to have? I mean something like Time-travel, going invisible, …

I don’t want to hear about flowers, I like death and destruction Read More »

Sandboxed Flash Player for Firefox: Adobe Flash update closes several critical holes

The H-Online: Adobe has announced the release of an update for Flash Player on Windows, Mac, Linux, Android 3.x and 4.x, and within its own AIR runtime. The update addresses several critical vulnerabilities which involve memory corruption, stack overflows, integer overflows, security being bypassed, null dereferencing and binary planting (DLL hijacking). All, except the security …

Sandboxed Flash Player for Firefox: Adobe Flash update closes several critical holes Read More »