Elipse, a Brazilian SCADA software developer, patched a serious denial-of-service vulnerability in the DNP Master Driver deployed in its SCADA web-based application.
Tag Archives: Web Security
Avoiding Data Breaches with Context Aware Behavioral Analytics
Avivah Litan of Gartner explains how context aware behavioral analytics may have prevented recent retail breaches and the Snowden, NSA surveillance saga.
OpenVPN Patches Denial of Service Vulnerability
Open source VPN software providers OpenVPN released an update Monday that patches a critical denial-of-service vulnerability.
IBM Fixes Serious Code Execution Bug in Endpoint Manager Product
IBM has fixed a serious vulnerability in its Endpoint Manager product that could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The vulnerability lies in the Endpoint Manager for Mobile Devices component of the product and the researchers who discovered it said the bug could be used to compromise not […]
Researcher Releases Database of Known-Good ICS and SCADA Files
A prominent security researcher has put together a new database of hundreds of thousands of known-good files from ICS and SCADA software vendors in an effort to help users and other researchers identify legitimate files and home in on potentially malicious ones. The database, known as WhiteScope, comprises nearly 350,000 files, including executables and DLLs, […]
Sandbox Escape Bug in Adobe Reader Disclosed
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it […]
New Google Security Dashboard Manages Device Activity
Google released a new Devices and Activity Dashboard, along with a new security wizard for Google for Work accounts.
Home Depot Breach Cost Company $43 Million in Third Quarter
The massive Home Depot data breach disclosed earlier this fall involved the theft of 56 million credit and debit card numbers, and now the company has revealed that the incident so far has cost it $43 million. The costs are the result of both the investigation into the data breach as well as the recovery […]
Sony Pictures Dealing With Apparent Network Compromise
Sony Pictures Entertainment is still in the process of trying to recover from an apparent compromise of some of the company’s computer systems. The attack first came to light on Monday, and the extent of the incident is still emerging. The compromise appears to affect just the networks at SPE, a division of Sony. Reports […]
Adobe Releases Emergency Flash Player Patch
Adobe released an emergency out-of-band Flash Player security bulletin, revising a patch released in October with an additional CVE addressing a memory corruption vulnerability.