Microsoft's Ed Gibson and Vinny Gullotto are interviewed by web editor James Garner at Information Security 2008, London, about security threats and the future of cybercrime.
LinuxSecurity.com: Fix possible authentication bypass in authldap authentication module when dbmail is used with LDAP servers allowing anonymous logins - CVE-2007-6714 (#443019).
LinuxSecurity.com: =3D=3D=3D=3D=3D=3D=3D=3D Multiple vulnerabilities in start_kdeinit could possibly allow a local attacker to execute arbitrary code with root privileges.
LinuxSecurity.com: New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
LinuxSecurity.com: It was discovered that crashes in the Javascript engine of Iceape, an unbranded version of the Seamonkey internet suite could potentially lead to the execution of arbitrary code.
LinuxSecurity.com: Christian Herzog discovered that within the Linux Terminal Server Project, it was possible to connect to X on any LTSP client from any host on the network, making client windows and keystrokes visible to that host.
Some malware developers have taken to copyrighting their work, according to Symantec. The security company highlighted in its blog that Russian malware developers have been adding copyright rules to the programs they sell illegally on the Internet.
Botnet fighters have another tool in their arsenal, thanks to Microsoft. The software vendor is giving law enforcers access to a special tool that keeps tabs on botnets, using data compiled from the 450 million computer users who have installed
LinuxSecurity.com: About a year ago, we took a look at the growing trend toward open-source security and highlighted 10 of the best apps available. Since then, the area has continued to mature, and now we're back highlighting 75 of the
M.Hasran Addahroni has reported a vulnerability in Prozilla Hosting Index, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "cat_id" parameter in directory.php (when "ax" is set to "list") is not properly sanitised
Gentoo has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges.
Transnet Freight Rail has decided to standardize on NICE, undertaking a multi million-dollar project to implement NiceVision Net, NICE's end-to-end solution for IP video security. The NICE intelligent security solution will enable Transnet Freight Rail to monitor and record images
Law firm Paris Smith & Randall LLP has purchased endpoint security software DeviceLock to ensure information security and confidentiality of data. This ensures that no information can be removed or copied from the corporate system without permission and gives the
ADI-GARDINER's Chelmsford branch along with local firm Hewes Security has supplied the new Audi dealership at Rayleigh in Southend with an ideal detection solution that matches the stylish design of the cars and building. GJD's D-Tect2 was specially chosen to
A new web based company offering biometric technology has been launched by leading identity management consultants Human Recognition Systems (HRS). www.simplybiometrics.com features over 100 products from leading companies such as Ingersoll Rand, Panasonic, Hitachi, Fujitsu, Sagem, Bioscrypt, CrossMatch and L1.The
