FCC, FTC to Hold Forum on Cell Phones Tracking Users

May 31, 2011 admin 0

The Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) plan a public forum next month on privacy concerns about cell phones and their ability to track the location of users.

The June 28 forum will include recommended best practices individuals can use to guard their privacy. […]

Enabling a CAC Card Reader on Ubuntu 10.04

May 31, 2011 fdesir 1

I recently installed Ubuntu 10.04 on a PC and for those of you who utilize a Linux or a Mac-based system with a need to access a CAC card reader you are in luck. I have researched all over the Internet and found the best site with full instruction on how installed a CAC reader that will work with Ubuntu and Firefox 3. […]

SANS Boston 2011

May 29, 2011 admin 0

SANS will be back in Boston, MA with an exceptional information security training lineup this August. Why not get your management, security, and forensics training at SANS Boston 2011 on August 8-15? We are bringing our top courses and best instructors to make this the perfect training event for you! Register before June 29 and save $400. […]

Black Hat // Webcast 28 – HTTP Parameter Pollution Vulnerabilities in Web Applications

May 17, 2011 SecurityOrb_Staff 0

While input validation vulnerabilities such as XSS and SQL injection have been intensively studied, a new class of injection vulnerabilities called HTTP Parameter Pollution (HPP) has not received as much attention. HPP attacks consist of injecting encoded query string delimiters into other existing parameters. If a web application does not properly sanitize the user input, a malicious user can compromise the logic of the application to perform either client-side or server-side attacks. This talk analyzes HTTP Parameter Pollution and presents the first automated system for the detection of HPP flaws in real web applications. We used this system to conduct a large-scale experiment by testing more than 5,000 popular websites and discovering unknown HPP bugs in many important and well-known sites such as Microsoft, Google, VMWare and PayPal. In this presentation we will describe the details of the architecture and of the algorithms we implemented to efficiently detect HPP vulnerabilities. We will conclude by discussing the HPP phenomenon and giving suggestions on how to prevent this novel class of injection vulnerabilities in future web applications. […]

Threat Outbreak Alert: Fake Bin Laden Pictures E-mail Messages on May 13, 2011

May 16, 2011 SecurityOrb_Staff 0

Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain pictures of Osama Bin Laden The text in the e-mail message instructs the recipient to open a .zip attachment to view the pictures. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code. […]

Sourcefire® National Seminar Series

May 13, 2011 SecurityOrb_Staff 0

Cyberthreats are evolving. Networks are evolving. And so are your security requirements.

Against a backdrop of cyber opponents who are faster, smarter, more prevalent, more targeted, and more elusive than ever before, how can you protect the growing number and types of operating systems, applications, services and users on your network? […]


May 12, 2011 SecurityOrb_Staff 0

If you like what the SANS Internet Storm Center (ISC) provides to the cyber security community, then you will love SANSFIRE! SANSFIRE 2011 is the one annual training event powered by the ISC. This years event will be held in Washington DC, July 15-24, and includes more than 25 courses and dozens of up-to-the-minute field reports from ISC handlers.Each evening, the ISC handlers share riveting talks on their most interesting experiences and newest cyber hazards. These special presentations are free to everyone who attends a course at SANSFIRE 2011. […]

1 2