Security Incident — Blog — WordPress.com [ wordpress.com got 0wned]
Wednesday, April 13th, 2011
this is just great … at least they notified their users in a timely manner. Change your passwd if you have a wordpress.com account.
Posted in hacking, infosec, password, Security, wordpress | Comments Off | permalink
Amazon AWS is a “PCI DSS 2.0 Level 1-compliant Shared Hosting Provider”, i.e. you can build your PCI-DSS compliant infrastructure using EC2, S3, EBS and VPC to store and process payment card data
Posted in amazon, aws, certification, cloud, creditcard, pci, Security | Comments Off | permalink
[also see LWN's write-up https://lwn.net/Articles/435214/ .] Curious message [allegedly] from a person who hacked into Comodo CA. Makes you wonder … Basically the whole SSL trust is just a piece of crap and cannot be trusted at all — major CA …
Posted in browser, hacking, infosec, internet, Security, ssl | Comments Off | permalink
an excellent follow-up on a hoax story about Samsung installing keyloggers on its laptops.
Posted in article, false, infosec, media, research, Security | Comments Off | permalink
awesome story about how security firm HBGary was hacked, or what happens if you do not follow simple security best practices.
Posted in anonymous, bestpractices, email, hack, hacking, hbgary, infosec, password, Security | Comments Off | permalink
article describes the operations of computer security firm HBGary, based on the email archive of HBGary that hacker group "Anonymous" has recently made available
Posted in anonymous, arstechnica, article, government, hacking, hbgary, infosec, malware, Security, technology, usa | Comments Off | permalink
checks versions of all plugins installed/enabled in your web browser
Posted in browser, firefox, plugin, Security, software, tools, web | Comments Off | permalink
Stuxnet was a targeted attack on five different organizations — see the update posted by Symantec's researchers.
They have analyzed data from anti-virus software and made a graph based on IP and Stuxnet version — this shows 5 different targets.
Posted in infosec, research, Security, stuxnet, symantec | Comments Off | permalink
curl -v -H "Accept-Language: en-us;q=2.2250738585072012e-308" http://<your tomcat server>/someurl
if your Tomcat/JBoss/whatever runs on an unpatched JVM — the request thread will go into an infinite loop
also see http://blogs.oracle.com/security/…
Posted in cve, infosec, java, Security, sysadmin | Comments Off | permalink
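A way to screen this header in a proxy or filter placed in front of an unpatched JVM, as an added example that is not part of the original post: it validates every q= parameter against the RFC 2616 qvalue grammar and separately flags the digit run of the value shown above. The function names are hypothetical and the digit-run signature is a heuristic assumed for this example.

```python
import re

# RFC 2616 section 3.9: qvalue = "0" [ "." 0*3DIGIT ] | "1" [ "." 0*3("0") ]
QVALUE_RE = re.compile(r"0(?:\.\d{0,3})?|1(?:\.0{0,3})?")
# Digit run of the value in the post; it survives re-scaled spellings such as
# 0.00022250738585072012e-304 (heuristic signature, an assumption of this example).
TRIGGER_DIGITS = "2225073858507201"


def q_params(header_value):
    """Yield the raw text of every q= parameter in an Accept-* header value."""
    for element in header_value.split(","):
        for param in element.split(";")[1:]:
            name, _, value = param.partition("=")
            if name.strip().lower() == "q":
                yield value.strip()


def classify_q(raw):
    """Return 'ok', 'malformed' or 'dos-trigger' for one q= parameter."""
    if QVALUE_RE.fullmatch(raw):
        return "ok"
    # Compare mantissa digits only: drop the exponent, the dot and leading zeros.
    mantissa = raw.lower().split("e")[0]
    digits = re.sub(r"\D", "", mantissa).lstrip("0")
    return "dos-trigger" if TRIGGER_DIGITS in digits else "malformed"


def screen_header(header_value):
    """Worst verdict across all q= parameters; reject anything but 'ok'."""
    verdicts = {classify_q(q) for q in q_params(header_value)}
    for verdict in ("dos-trigger", "malformed"):
        if verdict in verdicts:
            return verdict
    return "ok"


if __name__ == "__main__":
    # Constructed sample headers; the second is the one from the post.
    for sample in ("en-US,en;q=0.8,de;q=0.5",
                   "en-us;q=2.2250738585072012e-308"):
        print(screen_header(sample), "<-", sample)
```

Rejecting every q-value that fails the grammar already keeps the trigger away from the JVM's number parser; the signature only makes the log entry more specific.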
You are currently browsing the archives for the Security category.
Konstantin Antselovich (c) 2004-2011