What we are up against…

March 31, 2011 · Posted in Information Security, Information Systems · Comment 

There is much ballyhoo on the importance of information security to an organization. There is significant focus on the threats posed by hackers, intruders, cyber-terrorists, foreign actors, viruses, Trojan horses, spyware.  etc. to the information held by a particular organization. Laws have been enacted to ensure that these actors if caught will face significant punishment under the law and organizations spend millions of dollars to ensure that their systems and infrastructure are hardened to protect themselves from this threat. Read more

Tags: <, , , , >

  • Your Shopping Cart

    Your cart is empty

  • Calendar

    February 2012
    M T W T F S S
    « Mar    
     12345
    6789101112
    13141516171819
    20212223242526
    272829  

  • RSS From the National Vulnerability Database

    • CVE-2012-0291 (pcanywhere, altiris_client_management_suite_pcanywhere_solution, altiris_deployme...) February 21, 2012
      Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), and Altiris Deployment Solution Remote pcAnywhere Solution 7.1 (aka 12.5.x and 12.6.x) allow remote attackers to cause a denial of service (applic […]
      nvd@nist.gov
    • CVE-2012-0315 (alftp) February 21, 2012
      Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a user attempts to access the README file. […]
      nvd@nist.gov
    • CVE-2012-0223 (termis) February 21, 2012
      Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2012-0224. […]
      nvd@nist.gov
    • CVE-2012-1256 (easyvista) February 21, 2012
      The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name in the SSPI_HEADER parameter, to index.php. […]
      nvd@nist.gov
    • CVE-2011-4185 (iprint) February 20, 2012
      The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436. […]
      nvd@nist.gov
    • CVE-2012-1218 (freelancerkit) February 20, 2012
      Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components. […]
      nvd@nist.gov
    • CVE-2011-4521 (advantech_webaccess) February 20, 2012
      SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input. […]
      nvd@nist.gov
    • CVE-2012-1222 (r2/extreme) February 20, 2012
      Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23. […]
      nvd@nist.gov
    • CVE-2012-1235 (advantech_webaccess) February 20, 2012
      Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235. […]
      nvd@nist.gov
    • CVE-2012-0865 (cubecart) February 20, 2012
      Multiple open redirect vulnerabilities in CubeCart 3.0.20 and earlier allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) r parameter to switch.php or (2) goto parameter to admin/login.php. […]
      nvd@nist.gov
Get Adobe Flash playerPlugin by wpburn.com wordpress themes