Discussion of public breaches of security
Managers have to make decisions as to what to focus on: HP Loadrunner vulnerability is one of those. specifically 11.52 and here is the money quote: RESOLUTION HP has provided LoadRunnner patch 11.52 Patch 1 to resolve this issue. Download the patch from HP Software Support Online (SSO). Note: For LR versions before 11.52 … Read more
IBM’s ISS explains the potential problem and with informative links: The problem is the software is vulnerable to a specially crafted HTTP request to SecurityGateway.dll using a long username parameter, a remote attacker can overflow a buffer and execute arbitrary code. This means that a system vulnerable will be potentially owned by hackers in no … Read more
Internet Storm Center has an important current status on a new malware. It scans for port 32764 and port 23 (telnet) so it can propagate and create more. It also tries to “phone home” With our help we can scan (Alpha Scan) for any machines that actually respond to this open port (32764) … Read more
According to the National Vulnerability Database Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the content of MyServices action URLs, which allows remote authenticated users to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history ——————————————————————————————— This vulnerability is medium, and … Read more
Krebsonsecurity has the story It happened on March 2014. After the card information is harvested, they are then sold on the hacker’s black market. It is here where the breach was found. It is not known where it happened, and how many cards were affected. The hackers black market is not that informative. Again we … Read more
