Another privacy issue has been discovered in Google Drive which could have led sensitive and personal information stored on the cloud service exposed to unauthorized parties. The security flaw has now patched by Google, but its discovery indicates that the vulnerability of cloud data when accessed via a link can…
Benchmark cybersecurity analytics service delivers new vulnerability management insights
Top Priority Sector: cyber_security Penn State’s College of Information Sciences and Technology, in partnership with Tripwire, a provider of risk-based security and compliance management solutions, has announced that the top 25 percent of vulnerability management contributors scanned their networks nearly continuously and had an average aggregate host risk score of…
OAuth, OpenID vulnerability discovered
Beware of links that ask you to log in through Facebook. The OAuth 2.0 and OpenID modules are vulnerable. Following in the steps of the OpenSSL vulnerability Heartbleed, another major flaw has been found in popular open-source security software. This time, the holes have been found in the login tools…
Heart-Bleed , a over-rated vulnerability and the most famous vulnerability discovered till now
Big companies like Microsoft , Apple and other were vulnerable to it but they’ve patched it as its a serious kind of vulnerability which admin will never want to be exploited. The companies which were affected by this vulnerability notified their customers about it before the site was exploited. According…
Heartbleed: Serious OpenSSL 0day Vulnerability Revealed
Everyday new security bugs are being discovered. And one of these newly identified bugs is the the so-called Heartbleed Bug in the OpenSSL cryptographic library. While Heartbleed only effects OpenSSL’s 1.0.1 and the 1.0.2-beta release, 1.01 is already broadly deployed. Since Secure-Socket Layer (SSL) and Transport Layer Security (TLS) are…
XSS vulnerability enables unique DDoS attack
XSS vulnerability in popular video site enables unique DDoS attack California-based website security company Incapsula said that a persistent cross site script XSS vulnerability in a popular video sharing site facilitied a DDoS attack against a different site. Attack was repelled by Incapsula on Thursday. Ronen Atias, Security researcher at…
Hackers Target Al Arabiya, Leak Passwords After Exploiting Zimbra Vulnerability.
Hackers associated with notorious LullzCrew are back in public stunts. Yesterday they targeted Al Arabia, Saudi owned Tv Channel, and leaked its sensitive data. Lullz Crew says it’s back again and now it has teamed up with Horsemen of Lullz, another hacktivist group, to launch a massive operation against…
Lumension and Qualys offer combined vulnerability management solution
Top Priority Sector: it_security Lumension Security, an endpoint management and security company, and Qualys, a provider of cloud security and compliance solutions, have announced a partnership to provide customers with comprehensive vulnerability assessment and patch management solutions. Read More…. View full post on The Cyber Wars
Twitter vulnerability lets apps send DMs without user permission
Security researcher Egor Homakov has discovered a Twitter vulnerability which allows apps to send DMs without requiring explicit user permission. TNW has verified the findings and can confirm the bug. This means Twitter apps that don’t ask for permission to send DMs can do so anyway. For example, Twitpic doesn’t ask for access…
WPScan for Android, WordPress vulnerability scanner
Android version of WPScan, a WordPress vulnerability Scanner released. Program written in java which attempts to find known security weaknesses within WordPress installations. View full post on The Hacker News For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com View full post on National Cyber Security