Google Alert - Vulnerabilities

=== News - 8 new results for [Vulnerabilities] ===

Hackers reveal critical vulnerabilities in Huawei routers at Defcon
Computerworld
IDG News Service - Security researchers disclosed critical vulnerabilities
in routers from Chinese networking and telecommunications equipment
manufacturer Huawei at the Defcon hackers conference on Sunday. The
vulnerabilities -- a session hijack, ...
<http://www.computerworld.com/s/article/9229785/Hackers_reveal_critical_vulnerabilities_in_Huawei_routers_at_Defcon?taxonomyId=12>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.computerworld.com/s/article/9229785/Hackers_reveal_critical_vulnerabilities_in_Huawei_routers_at_Defcon%3FtaxonomyId%3D12&hl=en&geo=us>

Report: Firm made big bucks by exploiting vulnerabilities in California
electricity ...
Washington Post
A big electricity trader may have figured out a way to exploit
vulnerabilities in the state's $8 billion-a-year electricity market, just
as Enron Corp. did a decade ago, state officials said. Authorities were
investigating a subsidiary of the New York investment bank ...
<http://www.washingtonpost.com/business/firm-apparently-made-big-bucks-by-exploiting-vulnerabilities-in-calif-electricity-trading/2012/07/30/gJQAN0qKKX_story.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.washingtonpost.com/business/firm-apparently-made-big-bucks-by-exploiting-vulnerabilities-in-calif-electricity-trading/2012/07/30/gJQAN0qKKX_story.html&hl=en&geo=us>

Expert: Huawei routers are riddled with vulnerabilities
CNET
LAS VEGAS -- A German security researcher says he has uncovered several
security holes in routers made by China-based Huawei that are used by many
Internet service providers -- vulnerabilities that could allow attackers to
take control of the devices and ...
<http://news.cnet.com/8301-1009_3-57482813-83/expert-huawei-routers-are-riddled-with-vulnerabilities/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://news.cnet.com/8301-1009_3-57482813-83/expert-huawei-routers-are-riddled-with-vulnerabilities/&hl=en&geo=us>

Weakness in Calif. electricity trading exposed
Fox News
California officials say a big electricity trader has apparently figured
out a way to exploit vulnerabilities in the state's $8 billion-a-year
electricity market, just as Enron Corp. did a decade ago. The Sacramento
Bee (http://sacb.ee/QraIh4 ) reports authorities are ...
<http://www.foxnews.com/us/2012/07/30/weakness-in-calif-electricity-trading-exposed/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.foxnews.com/us/2012/07/30/weakness-in-calif-electricity-trading-exposed/&hl=en&geo=us>

Frost & Sullivan Recognizes Verisign iDefense for its Highly Innovative
and ...
MarketWatch (press release)
"As the vulnerability landscape continues to change with the wave of new
threats, Verisign's research, which includes public vulnerability reports,
and intelligence services are just a click away," said Frost & Sullivan
Research Analyst Richard Martinez.
<http://www.marketwatch.com/story/frost-sullivan-recognizes-verisign-idefense-for-its-highly-innovative-and-successful-idefense-security-intelligence-services-2012-07-30>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/frost-sullivan-recognizes-verisign-idefense-for-its-highly-innovative-and-successful-idefense-security-intelligence-services-2012-07-30&hl=en&geo=us>

Weakness in California electricity trading exposed
Boston Herald
Share. FOLSOM, Calif. — California officials say a big electricity trader
has apparently figured out a way to exploit vulnerabilities in the state's
$8 billion-a-year electricity market, just like Enron Corp. did a decade
ago. The Sacramento Bee reports authorities ...
<http://bostonherald.com/business/general/view/20120730weakness_in_california__electricity_trading_exposed>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://bostonherald.com/business/general/view/20120730weakness_in_california__electricity_trading_exposed&hl=en&geo=us>

Payment Terminals Hacking Vulnerability Exposed at Black Hat
InternetNews.com
In a talk titled "Pinpadpwn," at the Black Hat conference last week,
security researcher Rafael Dominguez Vega and the legendary hacker known
only as Nils, explained that the attack surface for payment terminals has
grown as usage has gone up.
<http://www.internetnews.com/security/payment-terminals-hacking-vulnerability-exposed-at-black-hat.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.internetnews.com/security/payment-terminals-hacking-vulnerability-exposed-at-black-hat.html&hl=en&geo=us>

Credit Card Roulette: Payment Terminals Pwned in Vegas
Wired News (blog)
The vulnerabilities can also be used to make a fraudulent card transaction
look like it's been accepted when it hasn't been, printing out a receipt to
fool a salesclerk into thinking items have been successfully purchased. Or
an attacker can design a hack that ...
<http://www.wired.com/threatlevel/2012/07/pinpadpwned/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.wired.com/threatlevel/2012/07/pinpadpwned/&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 1 new result for [Vulnerabilities] ===

Power Plant Hack Talk, Free Tools Pulled From Def Con Lineup
Dark Reading
The much-anticipated "SCADA Strangelove: How I Learned To Start Worrying
And Love The Nuclear Plants" talk was quietly replaced a week ago with
another presentation by researcher Wesley McGrew on HMI interface
vulnerabilities in process control ...
<http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/240004520/power-plant-hack-talk-free-tools-pulled-from-def-con-lineup.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/240004520/power-plant-hack-talk-free-tools-pulled-from-def-con-lineup.html&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 2 new results for [Vulnerabilities] ===

Hackers Convene To Find Mobile Security Flaws
North Country Public Radio
The gathering was designed to bring together cybersecurity experts --
including the top hackers in the business -- to expose vulnerabilities
before criminals uncover them. The big focus this year was on mobile
phones. Comments |. This week thousands of ...
<http://www.northcountrypublicradio.org/news/npr/157538677/hackers-look-at-vulnerability-of-mobile-phones>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.northcountrypublicradio.org/news/npr/157538677/hackers-look-at-vulnerability-of-mobile-phones&hl=en&geo=us>

Hackers Look At Vulnerability Of Mobile Phones
KUHF-FM
This week Las Vegas saw the world's largest hacking party, and it was all
legal. With annual conventions like Black Hat and Defcon, the conferences
are designed to bring together the best and the brightest in cyber security
- including the top hackers in the ...
<http://app1.kuhf.org/articles/npr1343510725-Hackers-Look-At-Vulnerability-Of-Mobile-Phones.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://app1.kuhf.org/articles/npr1343510725-Hackers-Look-At-Vulnerability-Of-Mobile-Phones.html&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 8 new results for [Vulnerabilities] ===

Olympic vulnerability
Philippine Star
But the same vulnerabilities remain, and will likely not change for a very
long time. To begin with, the International Olympic Committee does not
really run the individual events of the Games themselves. Each sport is run
by its own International Federation (IF).
<http://www.philstar.com/Article.aspx?articleId=832044&publicationSubCategoryId=69>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.philstar.com/Article.aspx%3FarticleId%3D832044%26publicationSubCategoryId%3D69&hl=en&geo=us>

CTS assesses security vulnerabilities at Western Psychiatric Institute and
Clinic ...
MarketWatch (press release)
PITTSBURGH, July 27, 2012 /PRNewswire via COMTEX/ -- Employees at the
Western Psychiatric Institute and Clinic are disheartened with the
facility's security measures after John Shick gunned down six employees,
killing one of them. "I don't feel any safer ...
<http://www.marketwatch.com/story/cts-assesses-security-vulnerabilities-at-western-psychiatric-institute-and-clinic-after-fatal-shootings-2012-07-27>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/cts-assesses-security-vulnerabilities-at-western-psychiatric-institute-and-clinic-after-fatal-shootings-2012-07-27&hl=en&geo=us>

Bump To Pay -- Or Bump To Hack?
CIO Today
"The short answer is that while there do seem to be security
vulnerabilities with NFC, there's little evidence that they constitute a
serious threat," Charles King, principal analyst of Pund-IT · Relevant
Products/Services told us Friday. "That's because the ...
<http://www.cio-today.com/news/Bump-To-Pay----Or-Bump-To-Hack-/story.xhtml?story_id=12300C3HM0GF>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.cio-today.com/news/Bump-To-Pay----Or-Bump-To-Hack-/story.xhtml%3Fstory_id%3D12300C3HM0GF&hl=en&geo=us>

The real impact of Microsoft's Blue Hat prize
ZDNet (blog)
Two, we see an increase in vulnerability reports from students that have
more free time away from school. And three, it means the security community
is converging in Las Vegas for the Black Hat and DEFCON security
conferences. This will be my twelfth ...
<http://www.zdnet.com/the-real-impact-of-microsofts-blue-hat-prize-7000001592/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.zdnet.com/the-real-impact-of-microsofts-blue-hat-prize-7000001592/&hl=en&geo=us>

Gauging the Severity of Software Feature Misuse
GovInfoSecurity.com
To help organizations minimize those vulnerabilities, the National
Institute of Standards and Technology has issued a new guide that describes
a scoring system information security managers can use to assess the
severity of security risks arising from ...
<http://www.govinfosecurity.com/gauging-severity-software-feature-misuse-a-4993>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.govinfosecurity.com/gauging-severity-software-feature-misuse-a-4993&hl=en&geo=us>

Facebook invites white hats to attack its corporate network
Help Net Security
Nearly a year ago, Facebook introduced its bug bounty program, inviting
security researchers to poke around the site, discover vulnerabilities that
could compromise the integrity or privacy of Facebook user data, and then
responsibly disclose them to the ...
<http://www.net-security.org/secworld.php?id=13332>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.net-security.org/secworld.php%3Fid%3D13332&hl=en&geo=us>

Facebook pays hackers over $400000 to hunt down security bugs
The Verge
Facebook doesn't offer bounties for vulnerabilities relating to denial of
service, spamming techniques, third party app vulnerabilities, or third
party site vulnerabilities with Facebook integration. The company hopes
that by continually cultivating relationships ...
<http://www.theverge.com/2012/7/27/3193634/facebook-hacker-bounties>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.theverge.com/2012/7/27/3193634/facebook-hacker-bounties&hl=en&geo=us>

Seattle security startup seeks to eliminate vulnerable code from the public
domain
GeekWire
Code vulnerabilities that propagate through code reuse (i.e. copy/paste)
are no laughing matter. One small error, like an unchecked buffer, can find
its way into tens or even hundreds of different projects and products. The
risks are particularly acute when ...
<http://www.geekwire.com/2012/seattle-security-startup-seeks-eliminate-vulnerable-code/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.geekwire.com/2012/seattle-security-startup-seeks-eliminate-vulnerable-code/&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 9 new results for [Vulnerabilities] ===

Vulnerability Intelligence Versus Vulnerability Management
Forbes
Ten years ago I was one of those ivory-tower analysts that would issue
warnings to enterprise clients to patch their servers whenever a new
critical vulnerability in Microsoft was announced. Bear in mind that this
was before Microsoft consolidated all of their ...
<http://www.forbes.com/sites/richardstiennon/2012/07/26/vulnerability-intelligence-versus-vulnerability-management/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.forbes.com/sites/richardstiennon/2012/07/26/vulnerability-intelligence-versus-vulnerability-management/&hl=en&geo=us>

Vulnerabilities in Payment Terminals Demonstrated at Black Hat
PCWorld
The vulnerabilities were demonstrated Wednesday at the Black Hat USA 2012
security conference by MWR's head of research, a German security researcher
who only identifies himself as "Nils," and Rafael Dominguez Vega, a Spanish
security researcher ...
<http://www.pcworld.com/businesscenter/article/259882/vulnerabilities_in_payment_terminals_demonstrated_at_black_hat.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.pcworld.com/businesscenter/article/259882/vulnerabilities_in_payment_terminals_demonstrated_at_black_hat.html&hl=en&geo=us>

Microsoft Publishes Workaround for Oracle Outside In Vulnerability
Threatpost (blog)
Microsoft gave its users steps earlier this week to sidestep a
vulnerability in one of Oracle's Outside In libraries. The company
published some mitigations for the bug, but said it isn't aware of any
active attacks against it yet. The Oracle technology is licensed by ...
<http://threatpost.com/en_us/blogs/microsoft-publishes-workaround-oracle-outside-vulnerability-072612>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://threatpost.com/en_us/blogs/microsoft-publishes-workaround-oracle-outside-vulnerability-072612&hl=en&geo=us>

Software features and inherent risks: NIST's guide to rating software ...
Phys.Org
"No system is 100 percent secure: every system has vulnerabilities,"
according to the report. While attention often focuses on software flaws,
for example system crashes, software features also introduce
vulnerabilities because intentional or accidental ...
<http://phys.org/news/2012-07-software-features-inherent-nist-vulnerabilities.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://phys.org/news/2012-07-software-features-inherent-nist-vulnerabilities.html&hl=en&geo=us>

Black Hat: Oracle database vulnerabilities exposed again
ComputerworldUK
Visitors to the Black Hat security conference in Las Vegas have seen renown
expert David Litchfield score again against Oracle's database by
demonstrating an exploit that would allow him to take control as an
administrator. Litchfield, chief security architect ...
<http://www.computerworlduk.com/news/security/3372534/black-hat-oracle-database-vulnerabilities-exposed-again/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.computerworlduk.com/news/security/3372534/black-hat-oracle-database-vulnerabilities-exposed-again/&hl=en&geo=us>

NIST proposes new software vulnerability measurement system
FierceGovernmentIT
As a result, it proposes in an interagency report (.pdf) released earlier
this month a new vulnerability measurement system that would assess
software feature misuse vulnerabilities. The new system, which NIST calls
the Common Misuse Scoring System, ...
<http://www.fiercegovernmentit.com/story/nist-proposes-new-software-vulnerability-measurement-system/2012-07-26>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.fiercegovernmentit.com/story/nist-proposes-new-software-vulnerability-measurement-system/2012-07-26&hl=en&geo=us>

New tool spots hacking vulnerabilities in smart meters
GCN.com
LAS VEGAS — Researchers probing the security of smart-grid technology
presented their results at the Black Hat Briefings, and released a tool to
help spot vulnerabilities in new smart meters. "People are going to be
messing with the meters," said Don C.
<http://gcn.com/articles/2012/07/26/4th-black-hat-smart-meter-vulnerabilities.aspx>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://gcn.com/articles/2012/07/26/4th-black-hat-smart-meter-vulnerabilities.aspx&hl=en&geo=us>

Black Hat: Most Java malware exploits "type confusion" vulnerability
SC Magazine
Java malware targets certain types of vulnerabilities, and "type confusion"
is the most common class being exploited, Jeong Wook (Matt) Oh, a Microsoft
researcher, told attendees Thursday at the Black Hat conference in Las
Vegas. Type confusion refers to ...
<http://www.scmagazine.com/black-hat-most-java-malware-exploits-type-confusion-vulnerability/article/252145/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.scmagazine.com/black-hat-most-java-malware-exploits-type-confusion-vulnerability/article/252145/&hl=en&geo=us>

Qualys Adds IPv6 Support to FreeScan Service
MarketWatch (press release)
Using FreeScan, organizations can now scan IPv6 devices to detect possible
vulnerabilities and take the steps necessary to remediate them. IPv6 is the
new communications protocol developed to succeed IPv4 due to IP address
space limitations.
<http://www.marketwatch.com/story/qualys-adds-ipv6-support-to-freescan-service-2012-07-26>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/qualys-adds-ipv6-support-to-freescan-service-2012-07-26&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 9 new results for [Vulnerabilities] ===

GFI Software Launches GFI LanGuard 2012
MarketWatch (press release)
Strong Vulnerability Assessment for Network Devices - Network devices such
as printers, routers and switches from manufacturers such as HP and Cisco
can now be detected and scanned for vulnerabilities. GFI LanGuard 2012
performs over 50000 checks ...
<http://www.marketwatch.com/story/gfi-software-launches-gfi-languard-2012-2012-07-24>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/gfi-software-launches-gfi-languard-2012-2012-07-24&hl=en&geo=us>

nCircle Suite360(TM) Now Discovers Over 63000 Conditions and 10000
Unique ...
MarketWatch (press release)
SAN FRANCISCO, Jul 24, 2012 (BUSINESS WIRE) -- nCircle, the leader in
information risk and security performance management, today announced that
its solutions now discover over 63000 conditions, including
vulnerabilities, configurations, operating ...
<http://www.marketwatch.com/story/ncircle-suite360tm-now-discovers-over-63000-conditions-and-10000-unique-applications-2012-07-24>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/ncircle-suite360tm-now-discovers-over-63000-conditions-and-10000-unique-applications-2012-07-24&hl=en&geo=us>

Scan Android for unpatched vulnerabilities
Help Net Security
X-Ray scans your Android device to determine whether there are
vulnerabilities that remain unpatched by your carrier. The X-Ray app
presents you with a list of vulnerabilities that it is able to identify and
allows you to check for the presence of each ...
<http://www.net-security.org/secworld.php?id=13305>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.net-security.org/secworld.php%3Fid%3D13305&hl=en&geo=us>

How to Improve Your Application Security Practices
CIO
The number of serious vulnerabilities in applications declined in 2011, but
they are still common. Improving your application security posture requires
determining whether you're a target of opportunity or a target of choice
and understanding your development ...
<http://www.cio.com/article/711879/How_to_Improve_Your_Application_Security_Practices>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.cio.com/article/711879/How_to_Improve_Your_Application_Security_Practices&hl=en&geo=us>

Hacker exposes the vulnerability of hotel locks used in over 4 million
hotel rooms
Ubergizmo
Hacker exposes the vulnerability of hotel locks used in over 4 million
hotel rooms. By Tyler Lee on 07/24/2012 03:58 PDT. We're sure that you guys
have seen movies where hackers have attempted to break into rooms which use
security cards by attaching ...
<http://www.ubergizmo.com/2012/07/hacker-exposes-the-vulnerability-of-hotel-locks-used-in-over-4-million-hotel-rooms/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.ubergizmo.com/2012/07/hacker-exposes-the-vulnerability-of-hotel-locks-used-in-over-4-million-hotel-rooms/&hl=en&geo=us>

Duo Security releases X-Ray security app for Android
Android Community
It takes a dedicated person to stay up-to-date on all of the security
vulnerabilities in any given system, and that isn't any different on
Android. Thankfully for Android users, Duo Security has released a new
DARPA-funded security app called X-Ray that will ...
<http://androidcommunity.com/duo-security-releases-x-ray-security-app-for-android-20120724/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://androidcommunity.com/duo-security-releases-x-ray-security-app-for-android-20120724/&hl=en&geo=us>

Skybox Security to Exhibit at Black Hat 2012
MarketWatch (press release)
At the conference, Skybox personnel will be available to discuss its latest
offering, Skybox Risk Control 6.5, the first integrated vulnerability
management solution that detects network vulnerabilities in an automated
and non-disruptive manner, without an active ...
<http://www.marketwatch.com/story/skybox-security-to-exhibit-at-black-hat-2012-2012-07-24>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/skybox-security-to-exhibit-at-black-hat-2012-2012-07-24&hl=en&geo=us>

Solera Networks to Showcase Advanced Persistent Security™ for Advanced ...
EON: Enhanced Online News (press release)
Solera Networks is also participating as a lead sponsor of the popular Wall
of Sheep at DEF CON 20 – an interactive demonstration highlighting
security vulnerabilities undetected by many users. The Wall of Sheep team
will be using Solera Networks ...
<http://eon.businesswire.com/news/eon/20120724006179/en/Solera-Networks/Black-Hat/DEF-CON>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://eon.businesswire.com/news/eon/20120724006179/en/Solera-Networks/Black-Hat/DEF-CON&hl=en&geo=us>

Duo Security Launches X-Ray Android Security App
eSecurity Planet
"X-Ray doesn't look for malicious apps, as some existing security scanners
do, but instead searches for a set of known vulnerabilities in the core
Android operating system, some of which have been used in the wild by
malware and attackers," writes ...
<http://www.esecurityplanet.com/mobile-security/duo-security-launches-x-ray-android-security-app.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.esecurityplanet.com/mobile-security/duo-security-launches-x-ray-android-security-app.html&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 9 new results for [Vulnerabilities] ===

New X-Ray Android Security App Scans Devices For Vulnerabilities
Threatpost (blog)
Duo Security today is releasing a new app called X-Ray that scans Android
devices for known vulnerabilities and alerts users to which ones remain
unpatched. X-Ray doesn't look for malicious apps, as some existing security
scanners do, but instead ...
<http://threatpost.com/en_us/blogs/new-x-ray-android-security-app-scans-devices-vulnerabilities-072312>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://threatpost.com/en_us/blogs/new-x-ray-android-security-app-scans-devices-vulnerabilities-072312&hl=en&geo=us>

Android Gets Security Boost From Duo Security, DARPA
eWeek
"Mobile malware authors have capitalized on the fact that such
vulnerabilities go unpatched for many months due to conservative carrier
patching practices," Oberheide wrote in an email. "We hope that X-Ray will
raise user awareness about the security of ...
<http://www.eweek.com/c/a/Security/Android-Gets-Security-Boost-From-Duo-Security-DARPA-604514/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.eweek.com/c/a/Security/Android-Gets-Security-Boost-From-Duo-Security-DARPA-604514/&hl=en&geo=us>

Hacker Will Expose Potential Security Flaw In Four Million Hotel Room
Keycard ...
Forbes
At the Black Hat security conference Tuesday evening, a Mozilla software
developer and 24-year old security researcher named Cody Brocious plans to
present a pair of vulnerabilities he's discovered in hotel room locks from
the manufacturer Onity, whose ...
<http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.forbes.com/sites/andygreenberg/2012/07/23/hacker-will-expose-potential-security-flaw-in-more-than-four-million-hotel-room-keycard-locks/&hl=en&geo=us>

Manufacturer declares death of bugs Stuxnet used to sabotage Iran nukes
Ars Technica
German conglomerate Siemens on Monday said it has fixed vulnerabilities in
its software products that appeared to be identical to those that allowed
the Stuxnet computer worm to disrupt Iran's nuclear program. In advisories
published here and here, ...
<http://arstechnica.com/security/2012/07/industial-bugs-exploited-by-stuxnet-fixed/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://arstechnica.com/security/2012/07/industial-bugs-exploited-by-stuxnet-fixed/&hl=en&geo=us>

[New App] X-Ray For Android From Duo Security Scans Your Device For Root ...
Android Police
We've all read the horror stories: a new virus is crawling through the
third-party stores, aiming to steal your personal information, identity,
and first born child. More often than not, this type of malicious app is
made possible because of one of the various root ...
<http://www.androidpolice.com/2012/07/23/new-app-x-ray-for-android-scans-your-device-for-root-vulnerabilities-unfortunately-cant-fix-them/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.androidpolice.com/2012/07/23/new-app-x-ray-for-android-scans-your-device-for-root-vulnerabilities-unfortunately-cant-fix-them/&hl=en&geo=us>

Hacking attacks on printers still not being taken seriously
Equities.com
"We have demonstrated not only that the firmware update function of certain
printers is faulty, but that there are still a number of known
vulnerabilities in the real-time operating systems [such as Linux] used in
a large number of printer models." These include ...
<http://www.equities.com/news/headline-story?dt=2012-07-23&val=296706&cat=tech>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.equities.com/news/headline-story%3Fdt%3D2012-07-23%26val%3D296706%26cat%3Dtech&hl=en&geo=us>

Black Hat finds holes in ARM, x86, embedded
EE Times
SAN JOSE – Security experts will show vulnerabilities in everything from
ARM processors to x86 CPUs and even hotel locks at the annual Black Hat
conference in Las Vegas this week. A handful of sessions will detail
security holes in broad sets of embedded ...
<http://www.eetimes.com/electronics-news/4390935/Black-Hat-finds-holes-in-ARM--x86--embedded>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.eetimes.com/electronics-news/4390935/Black-Hat-finds-holes-in-ARM--x86--embedded&hl=en&geo=us>

Firefox version 14 Provides Better Online Security for Your Internet
Browsing ...
Midsize Insider
Hackers look for vulnerabilities in business computer systems to allow them
easier access, and one of the most popular ways to break into computer
systems is through Internet browsers such as Internet Explorer, Firefox,
and Google Chrome. Vulnerabilities ...
<http://midsizeinsider.com/en-us/article/firefox-version-14-provides-better-onlin>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://midsizeinsider.com/en-us/article/firefox-version-14-provides-better-onlin&hl=en&geo=us>

Virtualization And The Apple Effect
InformationWeek
That time is now, and evidence of hypervisor vulnerabilities in 64-bit
paravirtualized Xen hosts (CVE-2012-0217) has brought home exactly how
right those old-timers were. When it comes to market share, the hypervisor
is king. Our InformationWeek 2012 ...
<http://www.informationweek.com/news/storage/virtualization/240004145>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.informationweek.com/news/storage/virtualization/240004145&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 3 new results for [Vulnerabilities] ===

Government Watchdog Warns against Vulnerability of Electrical Grid
AllGov
Although most of those attacks represented attempts to avoid paying for
electricity rather than terroristic threats to the power grid, some of the
same vulnerabilities could be exploited by terrorists. Although the Federal
Energy Regulatory Commission (FERC) ...
<http://www.allgov.com/Controversies/ViewNews/Government_Watchdog_Warns_against_Vulnerability_of_Electrical_Grid_120722>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.allgov.com/Controversies/ViewNews/Government_Watchdog_Warns_against_Vulnerability_of_Electrical_Grid_120722&hl=en&geo=us>

Cybersecurity Bill Rhetoric Heats Up in Washington
IDG News Service
... Up in Washington. o Christina DesMarais 22.07.2012 kl 18:41 | PC World
(US). Tweet. Computer vulnerabilities and how they can affect Americans'
security are on the agenda for the U.S. Senate, and strong rhetoric is
being used to support new legislation.
<http://news.idg.no/cw/art.cfm?id=E07BB54C-0EE3-F357-6E2E2BCF99BA8B7C>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://news.idg.no/cw/art.cfm%3Fid%3DE07BB54C-0EE3-F357-6E2E2BCF99BA8B7C&hl=en&geo=us>

Make plans to prevent tragedies like Aurora's
OCRegister
I think it is time leaders in the private sector in concert with lawmakers
and law enforcement – local, state and federal – reinvigorate dialogue
about our soft-target vulnerabilities if we ever realistically want to
deter another Aurora-like assailant. [See another ...
<http://www.ocregister.com/opinion/-364923--.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.ocregister.com/opinion/-364923--.html&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 3 new results for [Vulnerabilities] ===

Black Hat USA Conference To Focus On Smart Phone Security Threats
The Inquisitr
The security researchers speaking at the conference will highlight
vulnerabilities in web applications and communications for these mobile
devices. The technology has advanced so far that some mobile users can
enact mobile payments by simply waving ...
<http://www.inquisitr.com/281791/black-hat-usa-conference-to-focus-on-smart-phone-security-threats/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.inquisitr.com/281791/black-hat-usa-conference-to-focus-on-smart-phone-security-threats/&hl=en&geo=us>

Malware... It's all about you...
Malta Independent Online
Malicious software (malware) is software that is explicitly designed to
exploit vulnerabilities in computing devices and human users to the
malicious advantage of the malware author or malware user. Malware comes in
many forms, including computer viruses, ...
<http://www.independent.com.mt/news.asp?newsitemid=148021>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.independent.com.mt/news.asp%3Fnewsitemid%3D148021&hl=en&geo=us>

Russian hacker's App Store fraud embraces Mac users, too
Naked Security
Apple has already publicly admitted that this is a vulnerability, and
provided some workarounds for iOS programmers to protect their in-app
purchases. According to Apple, the vulnerability will be addressed in iOS
6, which is expected in October 2012.
<http://nakedsecurity.sophos.com/2012/07/22/russian-hacker-app-store-fraud-embraces-mac-users-too/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://nakedsecurity.sophos.com/2012/07/22/russian-hacker-app-store-fraud-embraces-mac-users-too/&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 9 new results for [Vulnerabilities] ===

Mobile and Web Security Will Be Major Topics at Black Hat
PCWorld (blog)
Security researchers are expected to disclose new vulnerabilities in near
field communication (NFC), mobile baseband firmware, HTML5 and Web
application firewalls next week at the Black Hat USA 2012 security
conference. Similar Articles: What Google's ...
<http://www.pcworld.com/businesscenter/article/259587/mobile_and_web_security_will_be_major_topics_at_black_hat.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.pcworld.com/businesscenter/article/259587/mobile_and_web_security_will_be_major_topics_at_black_hat.html&hl=en&geo=us>

'The Dark Knight Rises' movie massacre sparks inner fears, vulnerability
Examiner.com
The Colorado movie shooting during "The Dark Knight Rises" left many
individuals with a 'renewed' inner sense of vulnerability, according to the
social networking sites. Sources alleged James Holmes tossed an explosive
canister, possibly gas grenades and ...
<http://www.examiner.com/article/the-dark-knight-rises-movie-massacre-sparks-inner-fears-vulnerability>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.examiner.com/article/the-dark-knight-rises-movie-massacre-sparks-inner-fears-vulnerability&hl=en&geo=us>

Mobile, web security will be major topics at Black Hat
Macworld (blog)
Last year, Weinmann demonstrated how vulnerabilities in the firmware of
baseband processors can be exploited to turn mobile phones into remote
spying devices after tricking them into communicating with a rogue GSM base
station—a scaled-down version ...
<http://www.macworld.com/article/1167792/mobile_web_security_will_be_major_topics_at_black_hat.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.macworld.com/article/1167792/mobile_web_security_will_be_major_topics_at_black_hat.html&hl=en&geo=us>

New Cybersecurity Proposal Patches Serious Privacy Vulnerabilities
Right Side News
For months, we've been raising the alarm about the serious civil liberties
implications of the cybersecurity bills making their way through the
Senate. Hours ago, we received some good news. A new bill called the
Cybersecurity Act of 2012 (S 3414) is ...
<http://www.rightsidenews.com/2012072016687/us/homeland-security/new-cybersecurity-proposal-patches-serious-privacy-vulnerabilities.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.rightsidenews.com/2012072016687/us/homeland-security/new-cybersecurity-proposal-patches-serious-privacy-vulnerabilities.html&hl=en&geo=us>

Black Hat Partners with the Electronic Frontier Foundation to Support ...
MarketWatch (press release)
The Coders' Rights Project provides legal services to help security
researchers exercise their First Amendment right to speak on the
vulnerabilities they discover and helps facilitate vulnerability disclosure
of newly-found security flaws. "Black Hat's partnership ...
<http://www.marketwatch.com/story/black-hat-partners-with-the-electronic-frontier-foundation-to-support-researchers-at-black-hat-usa-2012-2012-07-20>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/black-hat-partners-with-the-electronic-frontier-foundation-to-support-researchers-at-black-hat-usa-2012-2012-07-20&hl=en&geo=us>

Tenable Adds Mobile Vulnerability Assessment
MSPmentor
Tenable Network Security, Inc., a company that specializes in Unified
Security Monitoring, recently integrated its vulnerability assessment
solution, Nessus vulnerability scanner with Apple Profile Manager and
Microsoft Exchange via Active Directory to ...
<http://www.mspmentor.net/2012/07/20/tenable-adds-mobile-vulnerability-assessment/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.mspmentor.net/2012/07/20/tenable-adds-mobile-vulnerability-assessment/&hl=en&geo=us>

5 Security Rules For New Systems
Forbes
The Washington Times article that broke the story claims "[Tridium's CEO
John] Sublett said executives learned about the vulnerabilities almost a
year ago, when a Niagara customer that uses the software to manage Pentagon
facilities turned up issues in an ...
<http://www.forbes.com/sites/markgibbs/2012/07/20/5-security-rules-for-new-systems/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.forbes.com/sites/markgibbs/2012/07/20/5-security-rules-for-new-systems/&hl=en&geo=us>

NT OBJECTives Releases New NTOSpider On-Demand
Equities.com
Rapid turnaround NTOSpider On-Demand provides a responsive and scalable
security solution with the ability to scan and report on thousands of
application vulnerabilities within a short duration of time based on
immediate needs. Easy to use Users interact ...
<http://www.equities.com/news/headline-story?dt=2012-07-20&val=290856&cat=tech>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.equities.com/news/headline-story%3Fdt%3D2012-07-20%26val%3D290856%26cat%3Dtech&hl=en&geo=us>

After HSBC, GFI Calls For Regulators to Change the Incentives for the
Financial ...
Equities.com
... "U.S. Vulnerabilities to Money Laundering, Drugs, and Terrorist
Financing: HSBC Case History
(http://www.hsgac.senate.gov/subcommittees/investigations/hearings/us-vulne
rabilities-to-money-laundering-drugs-and-terrorist-financing-hsbc-case-hist
ory).
<http://www.equities.com/news/headline-story?dt=2012-07-20&val=290551&cat=finance>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.equities.com/news/headline-story%3Fdt%3D2012-07-20%26val%3D290551%26cat%3Dfinance&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 8 new results for [Vulnerabilities] ===

Tenable Network Security Adds Vulnerability Assessment for Personal
Mobile ...
MarketWatch (press release)
The Nessus Mobile Device Audit plugins will quickly enumerate iOS and
Android(TM)-based devices accessing their corporate network, discover
device information, and detect mobile vulnerabilities. This provides a
comprehensive view of an organization's ...
<http://www.marketwatch.com/story/tenable-network-security-adds-vulnerability-assessment-for-personal-mobile-devices-on-corporate-networks-2012-07-19>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/tenable-network-security-adds-vulnerability-assessment-for-personal-mobile-devices-on-corporate-networks-2012-07-19&hl=en&geo=us>

Stach & Liu Researchers to Unveil New Search Engine-Based Tools for
Mining ...
San Francisco Chronicle (press release)
The researchers will also release new techniques that use search engines to
identify security vulnerabilities in software and to pinpoint malicious
websites hosting malware. Building on their previous research and tools
introduced over the last two years, ...
<http://www.sfgate.com/business/prweb/article/Stach-Liu-Researchers-to-Unveil-New-Search-3719259.php>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.sfgate.com/business/prweb/article/Stach-Liu-Researchers-to-Unveil-New-Search-3719259.php&hl=en&geo=us>

Firefox 14 comes with vulnerability patches and security features
Techworld.com
Firefox 14, released yesterday, offers several new security-related
features as well as patches for numerous vulnerabilities. The release of
Firefox 14.0.1 was accompanied by 14 security advisories, five of which
were rated as critical by Mozilla. One of the ...
<http://news.techworld.com/security/3370836/firefox-14-comes-with-vulnerability-patches-security-features/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://news.techworld.com/security/3370836/firefox-14-comes-with-vulnerability-patches-security-features/&hl=en&geo=us>

Smart Grid Researcher Releases Open Source Meter-Hacking Tool
Dark Reading
The tool, like Termineter, tests for both vulnerabilities and functionality
in smart grid meters via the devices' infrared ports. The so-called
OptiGuard is a Python-based tool that demonstrates the way infrared ports
on a smart meter can be penetrated, looking for ...
<http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/240004014/smart-grid-researcher-releases-open-source-meter-hacking-tool.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/advanced-threats/167901091/security/vulnerabilities/240004014/smart-grid-researcher-releases-open-source-meter-hacking-tool.html&hl=en&geo=us>

Europe makes smart grid security recommendations
EE Times
Smart grids offer benefits to the society at large but their dependency on
computer networks and applications, as well as on the Internet, increases
exposure to malicious cyber attacks. Vulnerabilities of communication
networks and information systems could ...
<http://www.eetimes.com/electronics-news/4390715/Europe-issues-smart-grid-security-recommendations>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.eetimes.com/electronics-news/4390715/Europe-issues-smart-grid-security-recommendations&hl=en&geo=us>

Amichai Shulman, CTO and Co-founder at Imperva comments on Oracle's
latest ...
Security Park
The database vulnerabilities are about denial of service, probably around
the Oracle Listener component which helps users communicate with the
database remotely. Interestingly, for three of these database
vulnerabilities all you need is network access, ...
<http://www.securitypark.co.uk/security_article268181.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.securitypark.co.uk/security_article268181.html&hl=en&geo=us>

PCI DSS Requirement 6.2 Risk Ranking Vulnerabilities – Is Your
Organization ...
Virtual-Strategy Magazine
PCI DSS Requirement 6.2 Risk Ranking Vulnerabilities – Is Your
Organization Ready? PRWeb. Thursday, July 19th 2012. Logo. Search VSM:
Advanced. Gene Geiger, Director at A-lign Security and Compliance Services,
outlines what organizations need to ...
<http://www.virtual-strategy.com/2012/07/19/pci-dss-requirement-62-risk-ranking-vulnerabilities-%E2%80%93-your-organization-ready>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.virtual-strategy.com/2012/07/19/pci-dss-requirement-62-risk-ranking-vulnerabilities-%25E2%2580%2593-your-organization-ready&hl=en&geo=us>

Firefox 14 gets kudos for security
CSO
July 18, 2012 — CSO — Security experts are praising the improvements in
the latest version of Firefox, which fixes a total of 14 vulnerabilities,
five critical, and adds three security-related features. One of the most
important patches in Firefox 14, released this ...
<http://www.csoonline.com/article/711484/firefox-14-gets-kudos-for-security>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.csoonline.com/article/711484/firefox-14-gets-kudos-for-security&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 10 new results for [Vulnerabilities] ===

Firefox 14 Contains Vulnerability Patches, Security-Related Features
PCWorld
In addition to addressing numerous vulnerabilities, Firefox 14 also secures
Google Web searches by enabling HTTPS for search queries initiated through
the location bar, search box or the right-click menu. "We automatically
make your Google searches ...
<http://www.pcworld.com/article/259433/firefox_14_contains_vulnerability_patches_securityrelated_features.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.pcworld.com/article/259433/firefox_14_contains_vulnerability_patches_securityrelated_features.html&hl=en&geo=us>

Colon cancer researchers find genetic vulnerabilities
Denver Post
More than 200 researchers investigating colon cancer tumors have found
genetic vulnerabilities that could lead to powerful new treatments. The
hope is that drugs designed to strike these weak spots will eventually stop
a cancer that is now almost inevitably ...
<http://www.denverpost.com/nationworld/ci_21106135/colon-cancer-researchers-find-genetic-vulnerabilities>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.denverpost.com/nationworld/ci_21106135/colon-cancer-researchers-find-genetic-vulnerabilities&hl=en&geo=us>

Firefox 14 released with new security features and vulnerability patches
Macworld
One of the critical advisories covers a vulnerability in the "javascript:
URL" function that could allow attackers to bypass the JavaScript sandbox
and execute malicious scripts with elevated privileges. Another critical
flaw patched in Firefox 14 could be exploited ...
<http://www.macworld.com/article/1167750/firefox_14_released_with_new_security_features_and_vulnerability_patches.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.macworld.com/article/1167750/firefox_14_released_with_new_security_features_and_vulnerability_patches.html&hl=en&geo=us>

Oracle Patches 87 Security Flaws in Critical Update
eWeek
The most critical of the vulnerabilities impacts the Oracle JRockit Java
Virtual Machine (CVE-2012-3135), and has a base score of 10.0—the highest
possible rating. From an exploitation standpoint, a 10.0 score is a
"perfect storm," explained Rapid7 Security ...
<http://www.eweek.com/c/a/Security/Oracle-Patches-87-Security-Flaws-in-Critical-Update-134140/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.eweek.com/c/a/Security/Oracle-Patches-87-Security-Flaws-in-Critical-Update-134140/&hl=en&geo=us>

Levin Opening Statement, 'US Vulnerabilities to Money Laundering, Drugs,
and ...
Equities.com
For the last decade, this Subcommittee has contributed to the battle
against money laundering and terrorist financing by exposing problems that
increase U.S. vulnerabilities to abuse. In 2001, for example, this
Subcommittee released a report showing how ...
<http://www.equities.com/news/headline-story?dt=2012-07-18&val=282100&cat=finance>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.equities.com/news/headline-story%3Fdt%3D2012-07-18%26val%3D282100%26cat%3Dfinance&hl=en&geo=us>

Oracle Customers Urged To Defend Against DoS
Dark Reading
"MySQL vulnerabilities may be the most impactful from a database security
perspective," he says. "In fact, some recent research we recently conducted
revealed that of the 1.74 million MySQL servers identified, slightly more
than 50 percent did not enforce ...
<http://www.darkreading.com/database-security/167901020/security/news/240003969/oracle-customers-urged-to-defend-against-dos.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/database-security/167901020/security/news/240003969/oracle-customers-urged-to-defend-against-dos.html&hl=en&geo=us>

Industry coding consortium issue guidelines for safer applications
[Computer ...
Equities.com
An industry consortium dedicated to assuring the security of software has
issued guidelines to lower the risk that vulnerabilities that could be
exploited by attackers will wind up in finished code. In particular, the
Software Assurance Forum for Excellence in ...
<http://www.equities.com/news/headline-story?dt=2012-07-19&val=285573&cat=tech>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.equities.com/news/headline-story%3Fdt%3D2012-07-19%26val%3D285573%26cat%3Dtech&hl=en&geo=us>

Oracle issues its July critical patch update
Inquirer
A fix relating to Oracle's Fusion Middleware product Jrockit has a Common
Vulnerability Scoring System (CVSS) - a scoring system to judge seriousness
of vulnerabilities - score of 10.0, the highest possible. Six fixes are
included for Oracle's MySQL database, ...
<http://www.theinquirer.net/inquirer/news/2192680/oracle-issues-its-july-critical-patch-update>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.theinquirer.net/inquirer/news/2192680/oracle-issues-its-july-critical-patch-update&hl=en&geo=us>

Microsoft Issues Patch for Zero Day and Other Vulnerabilities
Midsize Insider
Microsoft has issued a security patch to address both a zero-day
vulnerability, as well as 15 other key flaws in some of its most popular
software. Three of the vulnerabilities were rated "critical"--the highest
level of severity. Products affected include all versions ...
<http://midsizeinsider.com/en-us/article/microsoft-issues-patch-for-zero-day-and>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://midsizeinsider.com/en-us/article/microsoft-issues-patch-for-zero-day-and&hl=en&geo=us>

Veracode Outlines Security Risks Facing the Retail Industry
MarketWatch (press release)
It's much easier for an attacker to find a vulnerability in an application,
as DLP controls can more easily be bypassed. Research from Veracode shows
that organizations spent an estimated $35 billion on security
infrastructure in 2011, yet hundreds of data ...
<http://www.marketwatch.com/story/veracode-outlines-security-risks-facing-the-retail-industry-2012-07-18>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/veracode-outlines-security-risks-facing-the-retail-industry-2012-07-18&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 8 new results for [Vulnerabilities] ===

Skybox Security Introduces Next-Generation Vulnerability Management Solution
Business Wire (press release)
Skybox Security announced a 'next-generation' solution for vulnerability
management that detects network vulnerabilities in an automated a.
<http://www.businesswire.com/news/home/20120717005406/en/Skybox-Security-Introduces-Next-Generation-Vulnerability-Management-Solution>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.businesswire.com/news/home/20120717005406/en/Skybox-Security-Introduces-Next-Generation-Vulnerability-Management-Solution&hl=en&geo=us>

DHS warns of vulnerabilities in widely used Niagara software
Computerworld
The U.S. Department of Homeland Security (DHS) has issued an alert warning
of vulnerabilities in a software technology called the Niagara AX
Framework, used to manage millions of devices over the Internet.
<http://www.computerworld.com/s/article/9229247/DHS_warns_of_vulnerabilities_in_widely_used_Niagara_software?taxonomyId=85>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.computerworld.com/s/article/9229247/DHS_warns_of_vulnerabilities_in_widely_used_Niagara_software%3FtaxonomyId%3D85&hl=en&geo=us>

Rapid7 Metasploit Pro Increases Vulnerability Management Efficiency by ...
MarketWatch (press release)
BOSTON, Jul 17, 2012 (BUSINESS WIRE) -- Rapid7, the leading provider of
security risk intelligence solutions, introduces today the means to
increase vulnerability management efficiency by leveraging intelligence
from its powerful penetration testing ...
<http://www.marketwatch.com/story/rapid7-metasploit-pro-increases-vulnerability-management-efficiency-by-leveraging-penetration-testing-intelligence-to-validate-security-risks-2012-07-17>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/rapid7-metasploit-pro-increases-vulnerability-management-efficiency-by-leveraging-penetration-testing-intelligence-to-validate-security-risks-2012-07-17&hl=en&geo=us>

The FBI Wants to Read Tattoos, Widespread Industrial Control Software ...
SYS-CON Media (press release) (blog)
The Department of Homeland Security Industrial Control System Cyber
Emergency Response Team issued a warning about vulnerabilities in widely
used Niagara software to remotely control industrial systems and devices.
More here. The Senate Armed ...
<http://www.sys-con.com/node/2315436>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.sys-con.com/node/2315436&hl=en&geo=us>

Tom Cross Joins Lancope
Dark Reading
Cross is credited with discovering a number of critical security
vulnerabilities in enterprise-class software, and has written papers on
various topics including security issues in Internet routers, securing
wireless LANs and protecting Wikipedia from ...
<http://www.darkreading.com/vulnerability-management/167901026/security/news/240003867/tom-cross-joins-lancope.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/vulnerability-management/167901026/security/news/240003867/tom-cross-joins-lancope.html&hl=en&geo=us>

ICS CERT warns on Niagara control system software vulnerabilities
Government Security News
Infrastructure software that controls hundreds of thousands of building
control systems is vulnerable to electronic attack, warned DHS' industrial
control systems emergency response team. In the wake of press reports that
showed Tridium's Niagara ...
<http://www.gsnmagazine.com/node/26768?c=cyber_security>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.gsnmagazine.com/node/26768%3Fc%3Dcyber_security&hl=en&geo=us>

Black Hat: Hacking iris recognition systems
Computerworld (blog)
From the Iriscode to the Iris: A New Vulnerability of Iris Recognition
Systems is a Black Hat USA briefing scheduled for July 25. This strikes me
as particularly interesting in light of the FBI's plans to test a database
"for searching iris scans ...
<http://blogs.computerworld.com/security/20704/black-hat-hacking-iris-recognition-systems>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://blogs.computerworld.com/security/20704/black-hat-hacking-iris-recognition-systems&hl=en&geo=us>

Vulnerability detector and remediation tool launched by Skybox Security
SC Magazine UK
Skybox Security has launched an automated solution which detects network
vulnerabilities.
<http://www.scmagazineuk.com/vulnerability-detector-and-remediation-tool-launched-by-skybox-security/article/250329/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.scmagazineuk.com/vulnerability-detector-and-remediation-tool-launched-by-skybox-security/article/250329/&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail

Google Alert - Vulnerabilities

=== News - 10 new results for [Vulnerabilities] ===

Apple In-App Store Hacked
InformationWeek
Hacker finds way to loot in-app store items and posts a how-to on YouTube.
<http://www.informationweek.com/news/security/vulnerabilities/240003719>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.informationweek.com/news/security/vulnerabilities/240003719&hl=en&geo=us>

Niagara Vulnerabilities Show Security Flaws in Infrastructure
IT Business Edge (blog)
Ten IT Infrastructure and Security Trends for 2012 My goodness. I take some
time off for a vacation, and I cant believe all the security news that
happened whil.
<http://www.itbusinessedge.com/cm/blogs/poremba/niagara-vulnerabilities-show-security-flaws-in-infrastructure/?cs=50786>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.itbusinessedge.com/cm/blogs/poremba/niagara-vulnerabilities-show-security-flaws-in-infrastructure/%3Fcs%3D50786&hl=en&geo=us>

US Gov't and HSBC Bank Officials Testify on Financial System Vulnerabilities
C-SPAN
Treasury and Homeland Security Department officials testify on
vulnerabilities to the U.S. financial system at a Senate Homeland Security
and Governmental Affairs Subcommittee hearing Tuesday.
<http://www.c-span.org/Events/US-Govt-and-HSBC-Bank-Officials-Testify-on-Financial-System-Vulnerabilities/10737432370/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.c-span.org/Events/US-Govt-and-HSBC-Bank-Officials-Testify-on-Financial-System-Vulnerabilities/10737432370/&hl=en&geo=us>

Cisco warns of major vulnerabilities in TelePresence kit
Register
Cisco slipped out four security advisories on Friday warning of serious
vulnerabilities in its high-end videoconferencing system – or
TelePresence, as it prefers to call it. The flaws affect versions of Cisco
TelePresence Manager, Recording Server ...
<http://www.theregister.co.uk/2012/07/16/cisco_telepresenceflaws/>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.theregister.co.uk/2012/07/16/cisco_telepresenceflaws/&hl=en&geo=us>

Mobile App Leaves Blackboard Courseware Open To Remote attack
Threatpost (blog)
Vulnerability Lab researchers discovered remotely exploitable cross site
scripting vulnerabilities in Blackboard Mobile Learn v9.
<http://threatpost.com/en_us/blogs/xss-blackboard-vulnerability-071612>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://threatpost.com/en_us/blogs/xss-blackboard-vulnerability-071612&hl=en&geo=us>

New Study Projects Top 9 Hotel Groups to Lose a Combined $10 Billion in ...
MarketWatch (press release)
The study surveyed four components of brand vulnerability, including:
frequency of customer frustrations; customer sharing behavior (disclosure
of frustrations via word-of-mouth or on social media); the impact of
frustrations on customer behavior ...
<http://www.marketwatch.com/story/new-study-projects-top-9-hotel-groups-to-lose-a-combined-10-billion-in-customer-spending-over-the-next-12-months-2012-07-16>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/new-study-projects-top-9-hotel-groups-to-lose-a-combined-10-billion-in-customer-spending-over-the-next-12-months-2012-07-16&hl=en&geo=us>

FRI Preview: Fire Service Line-of-Duty-Death and Injury Vulnerability ...
Fire Chief (blog)
By Kelvin J. Cochran. In 2005, while fire chief in Shreveport, La., I was
burdened with the question, "Are you doing everything you can do to
prevent line-of-duty deaths and injuries from occurring in your
department?" It did not take me long to ...
<http://firechief.com/blog/fri-preview-fire-service-line-duty-death-and-injury-vulnerability-assessment-project>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://firechief.com/blog/fri-preview-fire-service-line-duty-death-and-injury-vulnerability-assessment-project&hl=en&geo=us>

Black Hole Exploit Kit Targeting Java CVE-2012-1723 Flaw
Threatpost (blog)
The CVE-2012-1723 Java vulnerability that the Black Hole exploit kit is now
targeting is a serious flaw. It's a pre-authentication, remotely
exploitable vulnerability that would give an attacker complete control of a
compromised machine. It's the worst ...
<http://threatpost.com/en_us/blogs/black-hole-exploit-kit-targeting-java-cve-2012-1723-flaw-071612>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://threatpost.com/en_us/blogs/black-hole-exploit-kit-targeting-java-cve-2012-1723-flaw-071612&hl=en&geo=us>

Coverity to Speak on Windows 8 Security at Black Hat USA 2012
MarketWatch (press release)
As part of the Coverity Security Research Laboratory (SRL), Valasek is
focused on researching new and existing security vulnerabilities,
investigating and uncovering the root causes of vulnerability-causing
defects in software code. This knowledge is ...
<http://www.marketwatch.com/story/coverity-to-speak-on-windows-8-security-at-black-hat-usa-2012-2012-07-16>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.marketwatch.com/story/coverity-to-speak-on-windows-8-security-at-black-hat-usa-2012-2012-07-16&hl=en&geo=us>

AT&T To Sponsor Zero-Day Contest For Kids
Dark Reading
Inspiration for the competition came out of a new class of mobile
vulnerabilities that the young hacker, who goes by "CyFi," reported last
year to AT&T. After getting bored with her progress in one of her favorite
mobile app games, CyFi discovered a so ...
<http://www.darkreading.com/risk-management/167901115/security/vulnerabilities/240003810/at-t-to-sponsor-zero-day-contest-for-kids.html>
See all stories on this topic:
<http://news.google.com/news/story?ncl=http://www.darkreading.com/risk-management/167901115/security/vulnerabilities/240003810/at-t-to-sponsor-zero-day-contest-for-kids.html&hl=en&geo=us>

This once a day Google Alert is brought to you by Google.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Delete this Google Alert:
http://www.google.com/alerts/remove?hl=en&gl=us&source=alertsmail&s=AB2Xq4h73uDuUaTj8-CUHcryQFnZut4U2bzcgRg

Create another Google Alert:
http://www.google.com/alerts?hl=en&gl=us&source=alertsmail

Sign in to manage your alerts:
http://www.google.com/alerts/manage?hl=en&gl=us&source=alertsmail