-
malicious removal
Date: 03/07/09
(Computer Help) Keywords: software, security, virus, spyware
What is the best way to remove viruses, spyware, adware, anything malicious really?
Is running my security software in safe mode the best way to get rid of all these things?
Source: http://community.livejournal.com/computer_help/954654.html
-
International Kaspersky sites susceptible to SQL injection attacks
Date: 03/10/09
(Web Technology) Keywords: asp, sql, security, web
According to a security group going under the name of TeamElite, the international sites of Kaspersky Iran (kasperskylabs.ir), Taiwan (web.kaspersky.com.tw) and South Korea (kasperskymall.co.kr) are susceptible to SQL injection attacks, allowing the injection of malicious iFrames and potentially assisting malicious attackers into obtaining sensitive data from the web sites in...
Source: http://blogs.zdnet.com/security/?p=2842
-
New study details the dynamics of successful phishing
Date: 03/10/09
(Security) Keywords: security
Can you teach an old employee new phishing protection tricks? In a recently presented study by the Intrepidus Group, the company behind the PhishMe.com spear phishing awareness service allowing companies to ethically attempt to phish their employees on their way to build security awareness, presents some interesting...
Source: http://blogs.zdnet.com/security/?p=2846
-
Cyber security chief quits over power struggle with NSA
Date: 03/09/09
(Security) Keywords: security
Rod Beckworth quits after a year on the job, saying he won't be subjugated to National Security Agency. But does Obama support NSA dominance here? by Richard Koman
Source: http://government.zdnet.com/?p=4448
-
MySpace using Cloudmark anti-spam for in-network abuse
Date: 03/09/09
(Security) Keywords: technology, security, spam
Last week Twitter user Fausto Cepeda asked Ryan if we could go beyond discussing straight security news and talk about product and technology trends on the blog. It was perfect timing. Cloudmark (disclosure: yes, this is my employer) has announced that they have been providing anti-spam...
Source: http://blogs.zdnet.com/security/?p=2834
-
U.S.'s cybersecurity director has resigned.
Date: 03/09/09
(Security) Keywords: security
Rod Beckstrom, an author and Silicon Valley entrepreneur, has resigned the position of National Director of Cybersecurity. Mr. Beckstrom's position, which reported to the head of DHS, involved wrestling all of the different Federal agencies into forming a coherent cybersecurity policy. His role...
Source: http://blogs.zdnet.com/security/?p=2832
-
Russia kinda-sorta owns up to Estonia cyberwar
Date: 03/08/09
(Security) Keywords: security
Radio Free Europe is reporting that an official from Putin's party has publicly stated that he orchestrated the 2007 DDoS Attacks on Estonia. The information security and military communities have been speculating for the past two years about who were the primary actors behind the 2007 Estonian...
Source: http://blogs.zdnet.com/security/?p=2828
-
Twitter and identity theft
Date: 03/06/09
(Security) Keywords: security
Someone hacked the Twitter account of ZDNet colleague, Dennis Howlett, exposing security as a serious Twitter weakness. by Michael Krigsman
Source: http://blogs.zdnet.com/projectfailures/?p=2229
-
USAID.gov compromised, malware and exploits served
Date: 03/06/09
(Security) Keywords: security
The Azerbaijan section at the United States Agency for International Development (azerbaijan.usaid.gov) has been compromised and is embedded with malware and exploits serving scripts approximately around the 1st of March. The malicious script is taking advantage of a series of redirects which are dynamically loading live exploits, or rogue security...
Source: http://blogs.zdnet.com/security/?p=2817
-
Dan Bernstein confirms DJBDNS security hole, pays $1,000
Date: 03/06/09
(Security) Keywords: software, security
Dan J. Bernstein has acknowledged an exploitable security flaw in his djbdns software and has made good on a public security guarantee -- to pay $1000 to the first person to publicly report a verifiable security hole in the latest version of the popular DNS name server. ...
Source: http://blogs.zdnet.com/security/?p=2812
-
Security holes in Apple Time Capsule, AirPort Base Station
Date: 03/06/09
(Security) Keywords: security
Apple has released a firmware update with fixes for three documented security vulnerabilities affecting its Time Capsule and AirPort Base Station products. The vulnerabilities could lead to denial-of-service or information disclosure attacks via specially crafted packets. Details on the vulnerabilities: ...
Source: http://blogs.zdnet.com/security/?p=2799
-
Coming on Patch Tuesday: 3 Windows bulletins, 1 critical
Date: 03/05/09
(Security) Keywords: software, security, microsoft
Microsoft today outlined plans to ship three security bulletins for software vulnerabilities in the Windows operating system. One of the three bulletins will carry a "critical" rating, meaning that it will cover flaws that could be exploited to launch remote code execution attacks. ...
Source: http://blogs.zdnet.com/security/?p=2794
-
Study: Firefox wins browser time-to-patch race
Date: 03/05/09
(Security) Keywords: security
A new report from Secunia is pouring more gas on the Internet Explorer vs. Mozilla Firefox security debate. The security alerts aggregator collected and crunched the numbers on security flaws publicly reported -- and fixed -- by the two vendors and found that Mozilla easily won the...
Source: http://blogs.zdnet.com/security/?p=2786
-
What is security transparency?
Date: 03/05/09
(Security) Keywords: security
Guest editorial by Andrew Storms. Transparency is a common theme in politics and Wall Street these days. The 2008 elections, dealings of TARP, financial institutions run amok are all places where we hear the word transparency bandied about on a daily basis. While many security professionals speak...
Source: http://blogs.zdnet.com/security/?p=2783
-
Mozilla plugs Firefox code execution holes
Date: 03/05/09
(Security) Keywords: software, security
Mozilla today shipped Firefox 3.0.7 with fixes for at least eight security flaws, some rated critical. The most serious of the vulnerabilities could be exploited by attackers to run code and install software, requiring no user interaction beyond normal browsing, Mozilla warned in...
Source: http://blogs.zdnet.com/security/?p=2778
-
Updating some code
Date: 02/22/09
(WebDesign) Keywords: php, mysql, html, sql, security
I require the services of a PHP coder for about 2-3 hours of (what should be) simple work. I had a coder do the back end for a client site a few years ago, and PHP upgrades + less than perfect code (I guess?) have broken a few things that urgently need repairing.
One is a security hole of this nature -
http://www.devshed.com/c/a/PHP/PHP-Programs-to-Prevent-MySQL-Injection-or-HTML-Form-Abuse/
Essentially, anywhere you have a query that includes a $_REQUEST variable (or a variable that came from a $_REQUEST variable), you need to first validate the value of that variable. If it's a category, it should be a-z,A-Z,0-9 and probably should not include any apostrophes or quotation marks.
The other is an inline image resizer so when the client uploads their product images all the thumbnails + display photos are within the site guidelines and don't break the layout.
Please email info AT codebloo DOT com if you're interested. Thanks :)
Source: http://community.livejournal.com/webdesign/1471930.html
-
Samba Config Problem - why does one work and the other not?
Date: 10/01/08
(Software) Keywords: security
I have two different samba shares configured.
Can someone PLEASE tell me why one works exactly as expected (e.g. limits access to the requisite group and gives them complete access) while the other one allows EVERYONE view privileges and no one has write/modify privs?
I am sure I missed something stupid... but I am too tired to figure it out if I did.
1.
[SHAREGROUP1]
writeable = yes
write list = @sharegroup
force security mode = 111
create mask = 770
directory mask = 770
comment = Storage space for sharegroup files
user = @sharegroup
path = /data/common/ShareGroup
2.
[SHAREGROUP2]
writeable = yes
write list = @sharegroup
force security mode = 111
create mask = 770
directory mask = 770
comment = sharegroup's Drive
user = @sharegroup
path = /mnt/sharegroup
Source: http://community.livejournal.com/software/82552.html
-
Opera 9.63 now available!
Date: 12/16/08
(Opera Browser) Keywords: software, browser, security, linux
Opera Software released Opera 9.63 today, which addresses several security issues. This release is a recommended security update for all those running the previous stable releases. Download it now at http://www.opera.com/browser/.
Check out the changelogs for Windows, Mac and Linux/UNIX (http://www.opera.com/docs/changelogs/).
Source: http://community.livejournal.com/opera_browser/75441.html
-
Opera 9.51 now available
Date: 07/03/08
(Opera Browser) Keywords: security, yahoo
Today we released Opera 9.51, the recommended security and stability update of Opera 9.5 (http://www.opera.com/products/desktop/). Check out the Change Log for the full details on what we’ve implemented at http://www.opera.com/docs/changelogs/windows/951/.
Some of the more notable items include:
• Saving of images is no longer recorded in transfers
• Corrected a stability issue with Yahoo! Mail
• Fine-tuned the new Opera skin
• Improved drag/drop of tabs
Hope you guys try it out!
Source: http://community.livejournal.com/opera_browser/71430.html