Month: March 2017

Independent, Securiteam

SSD Advisory – SolarWinds Multiple Vulnerabilities

Credit to Author: Maor Schwartz| Date: Tue, 14 Mar 2017 07:15:01 +0000

Vulnerabilities Summary

SolarWinds Server and Application Monitor version 6.1.1 has been found to contain multiple vulnerabilities:

- Node Custom Properties Persistent XSS
- Audit Events Module Persistent XSS
- Custom “Data Source” and ‘Where Clause’ Persistent XSS
- “Build Dynamic Query Name” Persistent XSS
- Multiple Persistent XSS Vulnerabilities Via ‘Title’ field
- Application Monitor Template Persistent XSS
- NOC View Name …

MalwareBytes, Security

A week in security (Mar 6th – Mar 12th)

Credit to Author: Malwarebytes Labs| Date: Tue, 14 Mar 2017 19:58:50 +0000

A compilation of notable security news and blog posts from the 6th to the 12th of March. This week, we look back at ransomware, exploit kits and Mac security myths.


The post A week in security (Mar 6th – Mar 12th) appeared first on Malwarebytes Labs.

ComputerWorld, Independent

Microsoft stays security bulletins' termination

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 13:17:00 -0700

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month’s slate of vulnerabilities and accompanying patches.

The bulletins’ last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the “Security Updates Guide” or SUG.

But just hours before February’s security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing “a last-minute issue” that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.


ComputerWorld, Independent

DOJ: No, we won't say how much the FBI paid to hack terrorist's iPhone

Credit to Author: Gregg Keizer| Date: Tue, 14 Mar 2017 11:31:00 -0700

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist’s iPhone or disclose how much it paid for the hacking job, court documents showed.

That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tashfeen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.

In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple’s help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.


Security, TrendMicro

The March 2017 Security Update Review

Credit to Author: Dustin Childs (Zero Day Initiative Communications)| Date: Tue, 14 Mar 2017 19:30:56 +0000

Just a day before Pwn2Own kicks off its 10th anniversary, join us in looking at the security updates released by Google, Adobe, VMWare, Firefox, and Microsoft for the month of March 2017. It’s shaping up to be the largest Patch Tuesday in history, which is fitting to coincide with the largest Pwn2Own ever. tl:dr –…
