blog trackingRealtime Web Statistics blames Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘blames’

Bishop blames RH law for rise in Internet porn

Manila Auxiliary Bishop Broderick Pabillo attributed Internet pornography patronage in part to the Reproductive Health (RH) Law. In a report from the CBCP News, Pabillo blasted the “culture of addiction,” which he said is rooted on the promotion of condoms, contraceptives and the law itself. He also urged the government to teach the “sacredness” of
[continue reading…]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

View full post on National Cyber Security

Nadia Lockyer Email Blames Husband and Hacker

An email sent from Nadia Lockyer's account to reporters in which she blamed her husband, Attorney General Bill Lockyer, for supplying her with drugs was sent by her former lover, who hacked into her… Photo Credit: AP

View full post on politics hacker – Yahoo! News Search Results

View full post on National Cyber Security

Microsoft blames security info-sharing programme MAPP for attack code leak

Microsoft has confirmed that sample attack code created by the company had likely leaked to hackers from a programme it runs with antivirus vendors.

“Details of the proof-of-concept code appear to match the vulnerability information shared with Microsoft Active Protection Program (MAPP) partners,” Yunsun Wee, a director with Microsoft’s Trustworthy Computing group, said in a statement posted on the company’s site.

“Microsoft is actively investigating the disclosure of these details and will take the necessary actions to protect customers and ensure that confidential information we share is protected pursuant to our contracts and program requirements,” Wee added.

Under MAPP, Microsoft provides select antivirus companies with technical information about bugs before Microsoft patches the flaws. MAPP is meant to give third-party security vendors advance warning so that they can craft detection signatures.

Among the things Microsoft shares with MAPP members, according to a program FAQ, are “proof-of-concept or repro tools that further illuminate the issue and help with additional protection enhancement.”

The acknowledgment by Microsoft was prompted by claims earlier in the day by Luigi Auriemma, the Italian researcher who reported the vulnerability in Windows Remote Desktop Protocol (RDP) in May 2011.

Auriemma said that code found in a proof-of-concept exploit on a Chinese website was identical to what he had provided HP TippingPoint’s Zero Day Initiative (ZDI) bug bounty program. His code was then used by ZDI to create a working exploit as part of the bounty program’s bug verification work.

ZDI then passed along information about the RDP vulnerability, including the exploit that used Auriemma’s code, to Microsoft.

According to Auriemma, the public exploit included the string “MSRC11678,” a reference to a Microsoft Security Response Center (MSRC) case number, indicating that the leak came from Microsoft.

ZDI denied it had been the source of the leak. “We’re 100% confident that the leak didn’t come from us, and Microsoft is comfortable with us saying that,” said Aaron Portnoy, the leader of TippingPoint’s security research team and the had of ZDI.

Portnoy also described the chain of custody of Auriemma’s code – a specially-constructed data packet that triggers the RDP vulnerability – from its May 2011 submission to ZDI to its inclusion in the concept exploit that ZDI provided Microsoft in August 2011 as part of a broader analysis of the vulnerability.

The proof-of-concept exploit now circulating among hackers does not allow remote code execution – necessary to compromise a PC or server, and then plant malware on the system – but instead crashes a vulnerable machine, said Portnoy. The result: The classic Windows “Blue Screen of Death.”

Portnoy also echoed what Microsoft’s Wee said of the similarity between the public exploit and Auriemma’s code. “We can confirm that the executable exploit does have a packet that was part of what Luigi gave us,” said Portnoy.

Microsoft launched MAPP in 2008. The program has 79 security firm partners, including AVG, Cisco, Kaspersky, McAfee, Trend Micro and Symantec, as well as several Chinese antivirus companies.

Wee did not say whether Microsoft had a list of suspects, but noted that all information it passes to MAPP partners was under a “a strict Non-Disclosure Agreement (NDA).” If the leak did originate with a MAPP partner, it would be the first ever for the program.

Microsoft’s MS12-020 update patches the RDP bug, and can be downloaded and installed via the Microsoft Update and Windows Update services, as well as through Windows Server Update Services.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1d91f8a9/l/0Lnews0Btechworld0N0Csecurity0C33453110Cmicrosoft0Eblames0Esecurity0Einfo0Esharing0Eprogramme0Emapp0Efor0Eattack0Ecode0Eleak0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Cloud Industry Forum blames FUD for security concerns

Security is still the top concern for organisations looking to migrate to a cloud service model, with privacy following close behind, according to the latest research from the Cloud Industry Forum (CIF).

In a survey of 300 end user organisations in November last year, 62 percent cited data security as one of their most significant concerns about cloud adoption, and 55 percent said they were worried about data privacy in the cloud.

Other concerns included dependence on internet access (49 percent), confidence in vendor reliability (35 percent) and contract lock in (34 percent).

According to Simon Bain, CTO at British search company Simplexo, these concerns are largely a result of the “fear, uncertainty and doubt” (FUD) that surrounds cloud computing. He said that, rather than bandying around buzzwords, vendors should be focusing on proving that the cloud is secure, in order to reassure customers.

“I am obviously a believer in using the ‘cloud’ as a way forward for both personal and corporate life,” said Bain. “However, there are certain guidelines that I think need to be adhered to before we all start throwing our hard disks away and placing everything in to the hands of others.”

He said that security is “the first and last thing” that providers should be thinking about, because security is important in all aspects of people’s online life, and the cloud is no different.

“Just because you may not be logging in to your bank, does not mean that the security should be any weaker. Remember you may have placed your bank statements in the cloud!” he added.

Simplexo is a member of CIF, which also today announced the launch of a new legal sub-group. Chaired by Conor Ward, partner at Hogan Lovells, the group will aim to offer clarity on legal issues to do with cloud computing and work towards providing a conducive legal framework in support of the work of the Cloud Industry Forum.

“Cloud, by nature, is creating a greater sense of capability and collaboration, which can, if not checked, drive contractual and operational ambiguity,” said Andy Burton, Chair of CIF and CEO of Fasthosts. “Clarity on the services delivered and accountability and responsibility of the parties involved in delivering them is key.”

The group will offer advice on cloud service types, data protection issues, software licensing in the cloud, service definitions and levels, liability, procurement, applicable law, customer data and the future of cloud law encompassing both the UK and the EU.

EU Justice Commissioner Viviane Reding is this week expected to announce a new data protection regime, that could have a significant impact on the cloud computing industry. The law is expected to include new rules about how and where data can be stored, and increasing the accountability of cloud service providers.

Cloud Expo Europe is also taking place this week, on 25-26 January at National Hall Olympia.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1c0fc8d2/l/0Lnews0Btechworld0N0Csecurity0C3331920A0Ccloud0Eindustry0Eforum0Eblames0Efud0Efor0Esecurity0Econcerns0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Indiana official’s father blames hacker for posts

INDIANAPOLIS -

The father of Indiana Secretary of State Charlie White is blaming a computer hacker for anti-Semitic comments posted on his Facebook page targeting a judge who ruled that White should be removed from office.

Darrell White tells The Indianapolis Star that he didn’t post the comments critical of Marion County Judge Louis Rosenberg, who is Jewish. White contacted Westfield police and blames the postings on someone who is trying to hurt the White family.

The posts appeared on Darrell White’s Facebook page and in online comments to an Indianapolis Star story about Rosenberg’s ruling on Thursday that Charlie White should be removed for being wrongly registered to vote from his ex-wife’s address while he was campaigning for the office in 2010.

Darrell White’s entire Facebook page was deleted Friday.

Copyright © 2011 The Associated Press. All rights reserved. This story may not be published, broadcast, rewritten or redistributed without the prior written authority of The Associated Press.

Article source: http://www.wthr.com/story/16390748/indiana-officials-father-blames-hacker-for-posts

View full post on National Cyber Security » Computer Hacking

Ind. official’s father blames hacker for posts

INDIANAPOLIS (AP) — The father of Indiana Secretary of State Charlie White is blaming a computer hacker for anti-Semitic comments posted on his Facebook page targeting a judge who ruled that White should be removed from office.

View full post on facebook hacker – Yahoo! News Search Results

View full post on National Cyber Security

A new twist: White’s father blames hacker for Facebook posts

Indiana Secretary of State Charlie White’s yearlong battle to stay in office has taken a turn for the weird. Again.

View full post on facebook hacker – Yahoo! News Search Results

View full post on National Cyber Security

Cyber espionage: US blames China, Russia

WASHINGTON, US: China and Russia are using cyber espionage to steal U.S. trade and technology secrets to bolster their own economic development, which poses a threat to U.S. prosperity and security, a U.S. intelligence report said on Thursday.

View full post on russia cyber attacks – Yahoo! News Search Results

View full post on National Cyber Security

HTCS1: The US blames China and Russia for cyber hacks and British police make a major cyber criminal arrest. Read more at http://t.co/UyiD22jR

HTCS1: The US blames China and Russia for cyber hacks and British police make a major cyber criminal arrest. Read more at http://t.co/UyiD22jR

View full post on Twitter / HTCS1

Page 1 of 212»

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?
$15.95

Find Out More, Click Here!