5 stages of a Web app attack [Infographic]

Web application attacks are among the leading causes of data breaches, according to Verizon's 2015 Data Breach Investigations Report, which looked at data from 80,000 security incidents and over 2,000 confirmed data breaches in 61 countries. The report also found that weak or stolen credentials account for over 50 percent of breaches involving Web applications, and those in the financial services sector are favored targets for Web application attacks.Statistics like that are enough to make anyone sit up and take note.To read this article in full or to leave a comment, please click here(Insider Story)

Android banking malware SlemBunk is part of a well-organized campaign

An Android Trojan that targets mobile banking users has evolved into a sophisticated, persistent and hard-to-detect threat, suggesting that it is part of a well-organized attack campaign.Researchers from security firm FireEye first documented the Trojan in December and named it SlemBunk. Once installed, it starts monitoring the processes running on the device and when it detects that a mobile banking app is launched, it displays a fake user interface on top of it to trick users into inputting their credentials.The Trojan can spoof the user interfaces of apps from at least 31 banks from across the world and two mobile payment service providers.To read this article in full or to leave a comment, please click here

Cisco, AT&T & others declare June 20th will be World Wi-Fi Day

With all the unofficial/official international/world/national days that various tech and governmental organizations and their marketing arms have carved out in recent years (World Paper Free Day, Data Privacy Day, etc.), it's amazing that the Wireless Broadband Alliance found an open spot on June 20 to set aside for the inaugural World Wi-Fi Day. But let it be known henceforth that June 20th shall be a day "to accelerate affordable wireless connectivity around the world" and "to recognize and celebrate the significant role Wi-Fi is playing in getting cities and communities around the world connected."To read this article in full or to leave a comment, please click here

Cisco fixes unauthorized access flaws in access points, wireless LAN controllers

Cisco Systems released critical security updates for several products, including access points and wireless LAN controllers, in order to fix vulnerabilities that could give remote attackers access to devices.The Cisco Aironet 1830e, 1830i, 1850e and 1850i series access points contain a default account with a static password that attackers can use to gain unauthorized access, the company said in an advisory.Fortunately, the account does not have administrative privileges, so the vulnerability is only rated as high impact instead of critical.To read this article in full or to leave a comment, please click here

Cisco fixes unauthorized access flaws in access points, wireless LAN controllers

Cisco Systems released critical security updates for several products, including access points and wireless LAN controllers, in order to fix vulnerabilities that could give remote attackers access to devices.The Cisco Aironet 1830e, 1830i, 1850e and 1850i series access points contain a default account with a static password that attackers can use to gain unauthorized access, the company said in an advisory.Fortunately, the account does not have administrative privileges, so the vulnerability is only rated as high impact instead of critical.To read this article in full or to leave a comment, please click here

Defense One: Islamic State has written its own encrypted communications app

The Islamic State is deploying its own encrypted communications app for Android, an eventuality predicted by experts who oppose efforts of governments to require encryption backdoors so they can find out what criminals are saying to teach other.The app, called lrawi.apk, employs what is described as rudimentary encryption and was available for download last month on a Web site where Islamic State supporters could download it and another app for distributing propaganda, according to a story posted by Defense One.The creation of such an encryption app has been considered a likely outcome of laws being proposed internationally requiring backdoors that would allow service providers to fulfill court orders to decrypt private communications of their customers.To read this article in full or to leave a comment, please click here

Signature Update #2645

Update #2645 (02/14/2016) HIGH APP:CA:ARCSRV:PORTMAPPER-3 APP: Computer Associates BrightStor ARCserve Backup Portmapper (3) HIGH DHCP:SERVER:SC-DHCLIENT-BOF-3 DHCP: ISC DHCP dhclient script_write_params Stack Buffer Overflow (3) HIGH DHCP:SERVER:ISC-DHCLIENT-BOF-4 DHCP: ISC DHCP dhclient script_write_params Stack Buffer Overflow (4) HIGH SCAN:CANVAS:HELIUM-AGENT-1 SCAN: Canvas Helium Agent (1) MEDIUM HTTP:MISC:MS-IIS-DOS-1 HTTP: Microsoft IIS Denial of Service (1) HIGH APP:CA:ARCSRV:PORTMAPPER-4 APP: Computer... Read more →

An Improved Way to use YAML with Vagrant

In this post, I’d like to share with you an improved way to use YAML with Vagrant. I first discussed the use of YAML with Vagrant in a post on simplifying multi-machine Vagrant environments, where I simply factored out variable data into an external YAML file. The original approach I described had (at least) one significant drawback, though, which this new approach adddresses.

(By the way, this “improved” way is probably just a matter of better coding. I’m not an expert with Ruby, so Ruby experts may look at this and find it to be quite obvious.)

Here’s the original snippet of a Vagrantfile that I shared in that first Vagrant/YAML post:

# -*- mode: ruby -*-
# # vi: set ft=ruby :
# Specify minimum Vagrant version and Vagrant API version
Vagrant.require_version ">= 1.6.0"
VAGRANTFILE_API_VERSION = "2"
# Require YAML module
require 'yaml'
# Read YAML file with box details
servers = YAML.load_file('servers.yaml')
# Create boxes
Vagrant.configure(VAGRANTFILE_API_VERSION) do |config|
# Iterate through entries in YAML file
servers.each do |servers|
config.vm.define servers["name"] do |srv|
 Continue reading
1 3,105 3,106 3,107 3,108 3,109 3,762