vulnerability

TechRepublic Resources

• sort by:
• Relevance
• Date
• Popularity

Is your site safe from SQL injection attacks?

Microsoft and HP announced yesterday that they are providing free tools to help network administrators to deal with the increase in SQL injection attacks over the last six months. by Andy Moon

Tags: Vulnerability, SQL, SQL Injection, Attack, Programming Languages, Security, Databases, Software Development, Software/Web Development, Enterprise Software, Software, Data Management, Andy Moon

Blog posts 2008-06-24

How FreeBSD makes vulnerability auditing easy: portaudit

Find out how FreeBSD's portaudit tool goes a long way toward helping you maintain a secure system, simply and easily. by Chad Perrin

Tags: Linux Distribution, FreeBSD, Vulnerability, Auditing, UNIX, Open Source, Operating Systems, Security, Software, Chad Perrin

Blog posts 2008-06-24

Security news roundup: New vulnerability affects Firefox 3

This week's security roundup includes a new vulnerability discovered in Firefox, Microsoft admitting to a mistake with a recent Bluetooth patch, the lack of any progress at cracking the Gpcode.ak ransomware, and the loss of NHS laptops that could expose the personal particulars of up to 30,000 patients. by Paul...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, Patient, Vulnerability, Microsoft Corp., Laptop Computer, NHS Laptop Theft, Web Browsers, Notebooks, Security, Internet, Hardware, Notebooks & Tablets, Paul Mah

Blog posts 2008-06-23

eEye Digital Security White Paper: Remote Windows Kernel Exploitation Step Into the Ring 0

This paper refers to the remote exploitation of a kernel-based vulnerability. The largely undocumented nature of the Windows kernel can make exploitation a somewhat daunting task. Microsoft claimed this was not exploitable as there was no way to directly control the instruction pointer, yet one could overwrite any memory location...

Tags: Vulnerability, eEye Digital Security, Kernel, Ignorance, Microsoft Windows, Security, Operating Systems, Software

White papers

MSDN Webcast: Digital Blackbelt Series: Social Engineering and Mitigating System Vulnerability (Level 200)

Great defensive technology is still no match for raw stupidity. Most clever technical attacks begin with some assistance from social engineering. This webcast defines social engineering and reviews a number of real-world hacks that began with social engineering efforts. After reviewing these social engineering lead-ins to technical attacks the webcast...

Tags: Microsoft Developer Network, Webcast, Vulnerability, Engineering, Technology, Digital Media, Security, Consumer Electronics, Personal Technology

Webcasts

Correlating Vulnerability and Attack Data to Improve Enterprise Security

The new Vulnerability Data Correlation capability addition to Symantec's Managed Security Services enables the enterprise to address today's real challenges by increasing their operational efficiency and reducing their business risk. With this new capability, Symantec's Managed Security Service creates links and correlates between attack data seen by any IDS/IPS device...

Tags: Symantec Corp., Enterprise Security, Vulnerability, Security

Webcasts

Linux Kernel do_brk() Vulnerability

A critical security bug has been found in the Linux kernel 2.4.22 and earlier memory management subsystem. This bug has been silently fixed for the 2.4.23 as well as in the 2.6.0-test6 release without any notice to the open source community. While performing a regular audit of the Linux kernel...

Tags: Linux Kernel, Vulnerability, Bug, Security Bug, Linux, Open Source, UNIX, Operating Systems, Software

White papers

15 Common Mistakes in Web Security: Enterprise vulnerabilities that invite attack

Web 2.0 applications provide access to numerous resources. From social networks to blogs, to wikis, employees are surfing the web for business data and for personal use. However, web-borne viruses, spyware, malicious code, data leaks, identity theft, pornography, and illegal files are just as happy landing...

Tags: Clearswift Corp., Web, Vulnerability, Web Security, Attack, Channel Management, Marketing

White papers

Global Steel Manufacturer Eliminates "Window of Vulnerability"

Founded in 1913 and based in the U.S. Pacific Northwest, the customer is a privately held international group of companies that manufacture engineered metal parts and components for industrial machinery. The corporation's Internet technology manager was eager for a way to prevent known and unknown attackers from penetrating the firewall...

Tags: Corporation, Window, Vulnerability, E-business, Web Technology, E-business/E-Commerce, Intrusion Detection, Internet, Firewalls, Network Security, Security, Networking

Case studies

City of Edmonton Eliminates Vulnerabilities With Comprehensive Antivirus and Anti-Spam Protection From Trend Micro

Edmonton is Alberta's capital and Canada's fifth largest municipality with a population in excess of one million people. Edmonton's civic government provides services that contribute to the safety, security, and enjoyment of all its citizens. This mission is achieved by planning, developing and maintaining a variety of municipal services including...

Tags: Trend Micro Inc., Anti-spam, Antivirus, Vulnerability, Edmonton, Spyware, Spyware, Adware & Malware, Spam, Viruses And Worms, Security, Phishing, Government, Spam And Phishing

Case studies

Internet Storm Center: Threat Update + Defending Against DoS Attacks

This webcast will cover one critical vulnerability in Microsoft Exchange, as well at least one critical vulnerability in Microsoft Windows. In addition, the webcast will discuss methods to prepare for and fight denial of service attacks. All agree that the critical assets of the enterprise data and applications are resident...

Tags: Denial Of Service, Webcast, Internet Storm Center, Vulnerability, SANS Institute, Security, Digital Media, Consumer Electronics, Personal Technology

Webcasts

Stopping Crimeware and Malware: How to Close the Vulnerability Window

Computer users can no longer wait for a new vaccine every time a new security threat appears. This security gap has already cost individuals and businesses billions of dollars in downtime and lost productivity in a world of smarter, faster, Internet-borne zero-day attacks. TruPrevent is an Intrusion Prevention System...

Tags: Panda Software, Window, Vulnerability, Malware, TruPrevent, Intrusion Prevention, Security

White papers

The Top 10/20 Internet Security Vulnerabilities: A Primer

This presentation is designed to give you a brief overview of the top 10 most critical Internet Security threats.

Tags: Vulnerability, Internet Security, Internet, Network Security, Security, Networking

Presentations

Homeland Security Issues for Managers

Homeland Security organizations in all governments face formidable challenges that may take years to resolve. Obtaining funds in this poor economy, getting the right people in the right jobs, integrating data across agencies and jurisdictions and organizing to respond to shifting terrorist threats are among the leading challenges. Solutions will...

Tags: U.S. General Services Administration, Vulnerability, IBM Corp., Government, Homeland Security, Vertical Industries, Enterprise Software, Software

White papers

Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery

As cellular data services and applications are being widely deployed, they become attractive targets for attackers, who could exploit unique vulnerabilities in cellular networks, mobile devices, and the interaction between cellular data networks and the Internet. This paper demonstrates such an attack, which surreptitiously drains mobile devices' battery power up...

Tags: Phone, MMS, Battery Power, Mobile, Network, Vulnerability, Paging, Battery, Cell Phone, Mobile Device, Text Messaging/SMS/MMS, Engineering, Advertising & Promotion, Cellular Phones, Consumer Electronics, Personal Technology, Online Communications, Marketing

White papers

Types of Attacks That Acunetix Web Vulnerability Scanner Can Launch and What They Are

Various high profile site attacks have amply shown that it is futile having your firewall perfectly configured and your OS and key applications at the latest patch level, if your web application can be compromised in a matter of minutes, granting hackers access to your backend data. For a more...

Tags: Scanner, Vulnerability, Web Application, Attack, Acunetix Web Vulnerability Scanner, Security

White papers

MSDN Webcast: Testing Methodologies for Automated Web Application Vulnerability Scanners (Level 200)

There is more to conducting an automated Web application vulnerability assessment than "point and shoot". Automated Web application vulnerability scanners are not as automated as their vendors would lead us to believe. This webcast will examine various strategies to get the most out of a vulnerability assessment tool. The topics...

Tags: Microsoft Developer Network, Webcast, Vulnerability, Web Application, Vulnerability Assessment, Scanners, Security, Hardware, Peripherals

Webcasts

Cyber Security - Growing Risk From Growing Vulnerability

Interconnections across and among cyber and physical systems are increasing. Our dependence on these interconnected systems is also rapidly increasing, and even short-term disruptions can have major consequences. Reported attacks against Internet systems are almost doubling each year and attack technology will evolve to support attacks that are even more...

Tags: Carnegie-Mellon University, Vulnerability, Cyber Security, Internet, Government, Security, Networking

Case studies

"Sasser", "Blaster" and "MyDoom": Why Your Network and AV Providers Can't Stop Them

"Virtual Patch" is a process by which protection agents can be configured to provide an immediate defense against catastrophic risks prior to the availability of a vendor-released patch or upgrade. The "Virtual Patch" process protects systems against attack during the interim of time between the discovery of vulnerability and the...

Tags: Network, Internet Security Systems Inc., Vulnerability, Blaster Worm, Sasser Worm, MyDoom Virus, Security, Patches, Viruses And Worms

Webcasts

Vulnerability counting revisited: a hypothetical example

Vulnerability counting is, in many cases, worse than useless as a means of quantifying the security of the software. I've made this point before, but this article tries a different approach to making it: demonstration by hypothetical example. by Chad Perrin

Tags: Developer, Vulnerability, FooOS, BarOS, Security, Chad Perrin

Blog posts 2008-06-19