SecurityRatty: tag: leads

PrincipalPermissionAttribute and Static ctor Leads to DoS

2007-12-03 09:03:00 by Keith Brown in Security Briefs

...leads to the previous exception being rethrown ( Brumme, 2003 ). So, if the first caller to use the class doesn't satisfy the permission demand, no callers in the entire AppDomain will be able to use that class Here's a simple console app you can compile that demonstrates the danger using System using System.Security.Principal using...

Tags: class sensitive, sensitive, class, class level, static constructor, inside static constructor, class program, static constructor leads, static void

Auditing open source software

2007-10-08 16:13:00 by Panayiotis Mavrommatis in Google Online Security Blog

...leads to a heap-based buffer overflow gunzip . In September 2006, my colleague Tavis Ormandy reported some interesting vulnerabilities in the gunzip decompressor. They were triggered when an evil compressed archive is decompressed. A lot of programs will automatically pass compressed data through gunzip, making it an interesting attack. The...

Tags: image, malicious image file, libtiff image, values, jpeg image, tiff header values, source, evil tiff file, evil

Cached Malware Embedded Sites

2007-12-16 18:18:26 by HASH0x8a09e44 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...leads us to more realistic attack tactic than the one discussed in the article, where an attacker will supposedely embedd malware at different sites, let the search engines crawl and cache it, than remove the sites and wait for the visitors to use the cache, thereby infecting themselves. Case in point - the U.S Consulate's site for instance...

Tags: sites, sites wrongly, web sites, malware, malicious site, site, single site offers, sites notification services, popular sites

NSA's Domestic Spying

2008-03-26 06:02:18 by schneier in Schneier on Security

...leads to be explored by counterterrorism programs across the U.S. government, such as the NSA's own Terrorist Surveillance Program, formed to intercept phone calls and emails between the U.S. and overseas without a judge's approval when a link to al Qaeda is suspected Two former officials familiar with the data-sifting efforts said they work...

Tags: nsa, data haul, haul, information, transactional information, data, nsa receives, mass data, terrorism information awareness

An old/new kind of cybercrime/cybercriminal

2008-04-23 10:13:09 by HASH0x8b4a8bc in StillSecure, After All These Years

...leads. That is the names, contacts and qualifications of people looking for mortgages. A mortgage company would consider these leads more valuable than gold, more valuable even that gasoline! So to my mind this is more a case of corporate espionage where a company that is competitive to Lending Tree infiltrated their networks through people,...

Tags: financial gain type, financial gain, gain, information breach, information, gain access, access, competitors information, cybercrime

An old/new kind of cybercrime/cybercriminal

2008-04-23 11:13:09 by ashimmy in StillSecure, After All These Years

...leads. That is the names, contacts and qualifications of people looking for mortgages. A mortgage company would consider these leads more valuable than gold, more valuable even that gasoline! So to my mind this is more a case of corporate espionage where a company that is competitive to Lending Tree infiltrated their networks through people,...

Tags: financial gain type, financial gain, gain, information breach, information, gain access, access, competitors information, cybercrime

Slow removal of child sexual abuse image websites

2008-06-11 14:02:32 by Richard Clayton in Light Blue Touchpaper

...leads to considerable delays. Furthermore, the same parochial attitude appears to be taken by similar organisations in other countries The IWF are a member of INHOPE , an association of child sexual abuse image reporting hotline organisations operating in 29 countries, and the IWF will also pass reports to the appropriate INHOPE members....

Tags: image, image websites, websites, child sexual, child, image newsgroups, sites, illegal sites, fake escrow sites

CFA Institute Defends the CFA Brand

2006-08-24 00:39:00 by Jomni in Risk Management Quant

...leads to a CFA Charter from the Council of Chartered Financial Analysts. The court stated that "Chartered Financial Analyst" and "CFA" is not a generic term to be used by any organization and is a recognized trademark owned by CFA Institute CFA Institute press release ICFAI program details Tags: CFA

Tags: cfa, cfa brand, cfa charterholders, cfa institute, institute, cfa marks, cfa charter, icfai runs, icfai

KimsCrafts e-commerce breach affects 4,500

2007-12-14 16:08:39 by Evan Francen in The Breach Blog

...leads to questions about why the Approved Scanning Vendor did not detect the vulnerability(ies I don't think KimsCrafts is all too much unlike many companies of similar size. These companies see the potential money to be made through the internet (e-commerce), but do not necessarily employ the security required of such endeavors. Do these...

Tags: kimscrafts, breach, e-commerce, credit file, credit, credit card data, kimscrafts e-commerce site, data, data security firm

Security certification leads to a higher salary, survey shows

2007-07-12 08:00:00 by Editor in IT Compliance

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo