0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2012-11-12 14:55:412012-11-12 14:55:41Windows 8 to get first ‘critical’ security update
Windows 8, available publicly for two weeks now, is getting its first security update Nov. 13. It includes three critical updates; Windows 8 RT, for Microsoft's Surface tablet, has one critical update.
0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2012-10-10 14:40:552012-10-10 14:40:55Adobe Patches Flash Player in Masssive Security Update
Adobe Systems has fixed more than two dozen critical flaws in Flash Player for Windows, Macintosh, Linux and Android systems. The update is rated "critical" by Adobe, and was given the highest deployment priority rating for Windows users. Adobe is not aware of any exploits targeting the vulnerabilities, which impact Adobe Flash Player 11.4.402.278 and earlier for Windows, version 11.4.402.265 and earlier for Macs and version 188.8.131.52 and earlier for Linux. The update also impacts Flash Player 184.108.40.206 and earlier on Android 4.x versions and 220.127.116.11 and earlier on Android 3.x and 2.x.
0 0 admin https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png admin2012-07-02 13:38:502012-07-02 13:38:50“Internet Doomsday” for some, Get rid of DNSChanger Malware Now!
July 9, 2012, has been dubbed "Internet doomsday" and there is a chance you will not be able to access the Internet on your personal computer due to a malware called DNSChanger Trojan.
0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2012-06-25 11:07:142012-06-25 11:07:14Microsoft XML Core Services Attack Activity – Microsoft Security Advisory (2719615)
Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet
https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png 0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2011-10-05 12:26:362011-10-05 12:26:36Revir Malware for OS X Undergoes Revision
Recently a new PDF-based malware threat for OS X was discovered that displays a Chinese PDF file while it installs and runs its malicious code in the background. While the initial version of this malware (OSX/Revir.A) was detected over a week ago, the criminals developing the code are busy revising and refining it, and over the weekend a variant has been identified (OSX/Revir.B). As with all malware, new versions of these threats are likely to surface in the future, and as they do, expect malware detection utilities (including Apple's XProtect) to follow close behind and label them alphabetically as they appear.
0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2011-08-29 12:28:482011-08-29 12:28:48Morto Computer Worm Infecting Computers via Remote Desktop Protocol (RDP)
A new worm called Morto has begun making the rounds on the Internet in the last couple of days, infecting machines via RDP (Remote Desktop Protocol). The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows. If you have any questions or need assistance, please let me know and I will follow up with you. Additional Information: • http://threatpost.com/en_us/blogs/new-worm-morto-using-rdp-infect-windows-pcs-082811 • http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A • http://blogs.computerworld.com/18870/morto_worm_spreading_fast_via_rdp?af
https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png 0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2011-06-14 11:40:032011-06-14 11:40:03HD Moore “Bounty: 30 Exploits, $5,000.00, in 5 weeks”
The Metasploit team is excited to announce a new incentive for community exploit contributions: Cash! Running until July 20th, our Exploit Bounty program will pay out $5,000 in cash awards (in the form of American Express gift cards) to any community member that submits an accepted exploit module for an item from our Top 5 or Top 25 exploit lists. This is our way of saying thanks to the open source exploit development community and encouraging folks who may not have written Metasploit modules before to give it a try.
https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png 0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2011-05-16 14:31:102011-05-16 14:31:10Threat Outbreak Alert: Fake Bin Laden Pictures E-mail Messages on May 13, 2011
Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain pictures of Osama Bin Laden The text in the e-mail message instructs the recipient to open a .zip attachment to view the pictures. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.
https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png 0 0 SecurityOrb_Staff https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png SecurityOrb_Staff2010-11-24 10:51:002010-11-24 10:51:00Apache Tomcat HTTP Server Directory Traversal
Apache Tomcat is the servlet container for JavaServlet and JavaServer Page Web applications. A vulnerability in Apache Tomcat HTTP server may allow for directory traversal attacks. The vulnerability is cause by a misconfiguration of certain modules. An attacker could craft a special URL to view directories and files on the HTTP server without authorization.
https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png 0 0 admin https://www.securityorb.com/wp-content/uploads/2020/06/SecurityOrb_Logo-1.png admin2010-09-22 11:47:052010-09-22 11:47:05Stuxnet was a directed attack with insider knowledge expert says
Stuxnet appeared on the scene earlier this summer, though it was written more than a year ago. The code, its mechanics, the way it moved from system to system using Zero-Day vulnerabilities in Windows, everything about it was both frightening and shady. The hype given to it was justified, if only because it was a targeted payload, aimed at critical infrastructure.