Tag Archives: gaming

Gather Intelligence On Web Bots To Aid Defense

Automated traffic to Web sites has steadily increased, driven by legitimate search-engine indexing, questionable crawlers and malicious attackers — companies need to know which is which.

To that end, Web-security cloud service Incapsula launched a site on Wednesday for cataloging Web bots, the automated programs that crawl Web sties to index pages, grab competitive price information, gather information on social-networking users or scan for vulnerabilities. With the site, dubbed BotoPedia, the company is gathering data on the Internet addresses used by Web bots as well as the user-agent strings and any other identifying information. The catalog will be open, but moderated, in much the same way as Wikipedia, says Marc Gaffan, co-founder and vice president of business development for Incapsula. Continue reading Gather Intelligence On Web Bots To Aid Defense

Advertisements

Google forced to temporarily deactivate copy protection for Android apps

Google has been forced to temporarily deactivate a security feature in Android 4.1 (Jelly Bean) intended to make it harder to pirate paid-for apps. The feature resulted in some purchased apps no longer working after devices on which they were installed on were restarted, requiring the user to reconfigure or even reinstall them. According to a bug report on Google Code, affected apps include several live wallpapers and applications with widgets or access to Google’s account system. Continue reading Google forced to temporarily deactivate copy protection for Android apps

Microsoft’s Attack Surface Analyzer matures

Attack Surface Analyzer logoMicrosoft has released version 1.0 of of its Attack Surface Analyzer, bringing the application out of beta status. Attack Surface Analyzer was originally announced in January 2011 and is designed to give developers and system administrators the ability to gauge how installing a certain application will effect the attack surface of a Windows system.The company says that it has received “quite a bit of positive feedback” on the tool and is now ready to make it available to the wider public. Continue reading Microsoft’s Attack Surface Analyzer matures

NVIDIA closes hole in proprietary Unix driver

NVIDIA logoNVIDIA has fixed the vulnerability in its proprietary graphics driver for Unix systems that was publicly disclosed by Linux kernel and X.org developer Dave Airlie a few days ago; apparently, NVIDIA had already known about the hole for a month. To close it, the company has, along with other drivers, released driver version 304.32, which is being deployed via NVIDIA’s knowledge base. Continue reading NVIDIA closes hole in proprietary Unix driver

Black Hat: Researchers take over Linksys router with simple JavaScript

A pair of researchers at last week’s Black Hat conference demonstrated how a simple JavaScriptapp could be used to compromise a wireless router with little to no user interaction.

Network devices – such as routers, switches, printers and firewalls – can be hijacked to give a remote attacker full control of the network, Phil Purviance and Joshua Brashars, senior security consultants at AppSec Consulting, said during their presentation on Thursday. The attack method relied on JavaScript and cross-site request forgery, they said. Continue reading Black Hat: Researchers take over Linksys router with simple JavaScript

Oracle to issue 14 patches for Java SE

IDG News Service – Oracle is planning to ship 14 patches related to Java SE on Tuesday, including a number with the highest level of severity under the CVSS (common vulnerability scoring system) framework, according to a pre-release announcement on the company’s website.

“Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible,” Oracle said. Continue reading Oracle to issue 14 patches for Java SE

Flame malware makers send ‘suicide’ code

Screenshot of FlameThe creators of the Flame malware have sent a “suicide” command that removes it from some infected computers.

Security firm Symantec caught the command using booby-trapped computers set up to watch Flame’s actions.

Flame came to light after the UN’s telecoms body asked for help with identifying a virus found stealing data from many PCs in the Middle East. Continue reading Flame malware makers send ‘suicide’ code