he latest update to the Mountain Lion Developer Preview, includes the “OS X Security Update Test 1.0″ feature which silently downloads and installs the latest security updates.
According to AppleInsider, in the latest update to the Mountain Lion Developer Preview, includes the “OS X Security Update Test 1.0″ feature, which will run daily or whenever a Mac restarts in an attempt to silently download and install the latest security updates. Continue reading Silent security updates coming to Apple’s OS X Mountain Lion
Are you using Microsoft products in your work environment then find out the security threats and how to address them.This is a must have information for CIO and systm. check it out in url below;
Inadequate checking leads to possible user privilege escalation.
Joomla! versions 2.5.4 and all earlier 2.5.x versions
Upgrade to version 2.5.5
Reported by Nils Rückmann
Earlier , we published about the new virus making headlines ‘The flame’. We already discussed about its ability to leak documents and large amounts of data from the affected system. However, as this piece of malware has been designed to spy on computers located in industrial environments, the attackers expected to that the malware would encounter some restrictions and security policies enforced at the protected network perimeter. Continue reading How ‘Flame’ virus works!
Part of a database containing the credentials for more than 8,000 Twitter accounts, apparently obtained from the TweetGif image hosting service, is currently circulating online. The extract contains access tokens and the associated access token secrets which can be used to access users’ Twitter accounts.
Users log into the third-party TweetGif app using their Twitter account, and Twitter then provides TweetGif with an access token. This token allows TweetGif to access the user’s Twitter account in perpetuity without having to request permission each time it wishes to do so.
The tokens remain valid even when the account password is changed. As a precautionary measure, anyone who has used TweetGif in the past is advised to revoke the service’s access rights under Settings ➤ Apps on twitter.com. The LulzSecReborn Hacker group has already claimed responsibility for leaking the user data. The group was also responsible for publishing data from the MilitarySingles.com e-dating web site and from security services provider CSS Corp earlier this year.
Joshua Dustin, CISSP, GIAC GPEN, MasterCNE, CNE6, CLE, CLP demostrates how to use twitter to build password cracking wordlist , click here to view!
HP Security Bulletin HPSBMU02776 SSRT100852 – Potential security vulnerabilities have been identified with HP Onboard Administrator (OA). The vulnerabilities could be exploited remotely resulting in unauthorized access to data, unauthorized disclosure of information, and Denial of Service (DoS).