Смотрите также связанные темы
16.06.2018 В контакте с одноклассниками, или Угрозы социальных сетей
Более 30% суммарного американского веб-трафика используют любители социальных сетей (social networks, SN), таких как Facebook, Myspace и LinkedIn (аналоги vkontakte.ru, www.odnoklassniki.ru и www.moikrug.ru). Достоинства SN очевидны: здесь можно общаться с друзьями и коллегами в режиме онлайн, заводить новые знакомства и налаживать связи. Однако нельзя забывать, что SN несут в себе потенциальную угрозу интернет-безопасности. Об этом и пойдет речь в данной статье...
27.10.2018 Consumerization Defines a New IT Security Reality
According to Raghu Raghuram of VMware, 20-25% of users access enterprise services through private computers today. This proportion is growing quickly with mobile access, new service delivery strategies, and a Gen X/Y workforce molded by mobile devices and social networks.
Gartner has coined the term “consumerization” for the reality that unmanaged endpoints and consumer-based services have [...]
18.02.2018 Popular dating sites being used as selling techniqe
In the last year or so, I’ve been a single guy searching, of course, for my long lost love. I wanted to touch base on something that may be happening more and more as the social networks and dating sites become ever more popular. I joined a dating site (that will remain nameless) about a [...]
25.06.2018 2010-06-25 - [slackware-security] bind (SSA:2010-176-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2010-176-01) New bind packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues when DNSSEC is enabled (which is not the default setting). Here are the details from the Slackware 13.1 ChangeLog: +--------------------------+ patches/packages/bind-9.4.3_P5-i486-1_slack13.1.txz: Upgraded. This fixes possible DNS cache poisoning attacks when DNSSEC is enabled and che...
27.05.2018 CVE-2010-2091
Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.
22.06.2018 CVE-2010-1637
The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.
02.07.2018 CVE-2010-2480
Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vectors involving single-quote characters and a JavaScript onLoad event handler for a BODY element.
27.08.2018 CVE-2010-3140
Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as an ISP file.
16.09.2018 CVE-2010-3402
Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.
08.12.2018 CVE-2010-4480
error.php in PhpMyAdmin 3.3.8.1 and earlier allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted BBcode tag containing "@" characters, as demonstrated using "[a@url@page]".
|
|
