Geeks "R" Us: Google Alert - Vulnerabilities

=== News - 10 new results for [Vulnerabilities] ===

Tibet.A malware for OS X uses Flashback Java vulnerabilities
CNET
As with the Flashback malware, since this vulnerability only requires
access to the user's account, no password is required to run or install it,
provided users are running older versions of Java and have Java enabled on
their browsers.
<http://reviews.cnet.com/8301-13727_7-57405449-263/tibet.a-malware-for-os-x-uses-flashback-java-vulnerabilities/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://reviews.cnet.com/8301-13727_7-57405449-263/tibet.a-malware-for-os-x-uses-flashback-java-vulnerabilities/&hl=en&geo=us>

IT Supply Chain Security Weak at Major US Agencies, Says GAO
PCWorld
With agencies buying hardware pieced together from components made all over
the world, they need to check their purchases for vulnerabilities that
could slip in at any point in the manufacturing and shipping process,
Gregory Wilshusen, GAO's director ...
<http://www.pcworld.com/businesscenter/article/252703/it_supply_chain_security_weak_at_major_us_agencies_says_gao.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.pcworld.com/businesscenter/article/252703/it_supply_chain_security_weak_at_major_us_agencies_says_gao.html&hl=en&geo=us>

Study: Open source libraries propagate security flaws
Java World
By Robert Lemos, InfoWorld, 03/27/12 Although companies such as Microsoft,
Adobe, and Mozilla have raised awareness of secure programming practices in
recent years, getting developers to adopt best practices to weed out
vulnerabilities in program code ...
<http://www.javaworld.com/javaworld/jw-03-2012/120327-open-source-libraries-propagate-security-flaws.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.javaworld.com/javaworld/jw-03-2012/120327-open-source-libraries-propagate-security-flaws.html&hl=en&geo=us>

What to do before and after a digital security breach
Washington Post
Reports show that during 2010, most Web sites were exposed to at least one
serious security vulnerability. This one vulnerability is enough to lead to
a large breach resulting in lost data. This doesn't mean you should abandon
all hope, but rather you ...
<http://www.washingtonpost.com/business/on-small-business/what-to-do-before-and-after-a-digital-security-breach/2012/03/10/gIQAdNCKeS_story.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.washingtonpost.com/business/on-small-business/what-to-do-before-and-after-a-digital-security-breach/2012/03/10/gIQAdNCKeS_story.html&hl=en&geo=us>

Are Open Source Libraries Any More Vulnerable Than Closed Source?
Network World
As noted in Ellen's article some of the biggest libraries that are used and
have known vulnerabilities are Google Web Toolkit (GWT); Apache Xerces;
Spring MVC; and Struts 1.x. The study was pretty exhaustive. Again from
Ellen's article: - 19.8 million ...
<http://www.networkworld.com/community/node/80139>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.networkworld.com/community/node/80139&hl=en&geo=us>

Android: a new OS needing a new approach
ITWeb
Vulnerabilities in Android devices and applications pose a potential threat
to users' security, says information security consultant Tyrone Erasmus.
Android devices and applications have a number of potential vulnerabilities
just waiting to be ...
<http://www.itweb.co.za/index.php?option=com_content&view=article&id=53003:android-a-new-os-needing-a-new-approach&catid=234>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.itweb.co.za/index.php%3Foption%3Dcom_content%26view%3Darticle%26id%3D53003:android-a-new-os-needing-a-new-approach%26catid%3D234&hl=en&geo=us>

iOS Exploits Go for $250000 These Days
Tom's Guide
Software vulnerabilities can earn big money, and we are not talking about
$1000 or even a $10000 bonus Google pays out to its bug reporters. Finding
the right vulnerability and selling it as a zero-day exploit to the right
person could be just as ...
<http://www.tomsguide.com/us/hacker-security-exploit-zero-day-hacks,news-14585.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.tomsguide.com/us/hacker-security-exploit-zero-day-hacks,news-14585.html&hl=en&geo=us>

Bayshore Networks Founder, CEO Francis Cianfrocca to Present Securing
Critical ...
MarketWatch (press release)
... Center in Washington, DC Despite heightened recognition and awareness
of vulnerabilities in Industrial Control Systems (ICS), the widening gap
between ICS vulnerabilities and commonly deployed security technology
presents a troubling disparity.
<http://www.marketwatch.com/story/bayshore-networks-founder-ceo-francis-cianfrocca-to-present-securing-critical-infrastructure-april-5-at-appsec-dc-2012-2012-03-27>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/bayshore-networks-founder-ceo-francis-cianfrocca-to-present-securing-critical-infrastructure-april-5-at-appsec-dc-2012-2012-03-27&hl=en&geo=us>

Lawmakers push DoD, Energy for answers on IT supply chain security
FederalNewsRadio.com
... installation of counterfeit items, disruption in the production or
distribution of critical products, reliance on unqualified or malicious
service providers and installation of hardware or software containing
unintended vulnerabilities.
<http://www.federalnewsradio.com/?nid=473&sid=2804599>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.federalnewsradio.com/%3Fnid%3D473%26sid%3D2804599&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Geeks "R" Us