by Darin Dutcher (Threat Research) Last month, the hacker collective Anonymous announced their intention to launch cyber-attacks against the petroleum industry (under the code name #OpPetrol) that is expected to last up to June 20. Their claimed reason for this attack is primarily due to petroleum being sold with the US dollar instead of currency … Continue reading Security Alert – Anonymous’ #OpPetrol: What is it, What to Expect, Why Care?
Midsummer Patch Tuesday (or midwinter, depending on your latitude) takes place on Tuesday 11 June 2013. As you probably already know, Microsoft publishes an official Advance Notification each month to give you early warning of what’s coming. These early notifications generally don’t give any details, summarizing only the basics, such as: The number of Bulletins … Continue reading Towerwall Security / Vulnerability Alert: Microsoft announces five Bulletins for Patch Tuesday, including Office for Mac
Security researchers from the Vulnerability Lab have identified a serious security hole that could affect a number of companies which rely on Barracuda products. They’ve discovered a high severity validation filter and exception handling bypass vulnerability in Barracuda’s appliances. According to the experts, the input filter that’s designed to block out persistent input attacks is … Continue reading Towerwall Security / Vulnerability Alert
It appears that BYOD, “Bring Your Own Device” to work, is beyond just being a growing trend if not currently a sanctioned practice within the corporate walls. It may seem that bowing to this desire on the parts of employees would have a lot to offer, not the least of which is a reduction in … Continue reading BYOD Brings on a War of Worry
Jan 11 (Reuters) – The U.S. Department of Homeland Security urged computer users to disable Oracle Corp’s (ORCL:$34.8625,$-0.0475,-0.14%) Java software, amplifying security experts’ prior warnings to hundreds of millions of consumers and businesses that use it to surf the Web. Hackers have figured out how to exploit Java to install malicious software enabling them to … Continue reading Warning: Java vulnerable to hackers, U.S. government says
As the year draws to a close, it’s time for us to take a step back, absorb the lessons of 2012, and look at what 2013 and beyond will bring for users, the security industry, and even cybercriminals. We know this time of year is incredibly busy and as a trusted advisor, you expect Towerwall … Continue reading Towerwall Security Alert 2013
Bringing mobile devices to work? Not so fast. Like it or not, the line between the workplace and the home is blurring. Work-at-home arrangements are becoming more common and cloud services make it easier to co-ordinate teams online. People are constantly on call, with the ability to check their emails and stay in touch wherever … Continue reading Beware of BYOD trend wreaking havoc
Don’t assume those third-party apps you buy are fully secure. Despite the promise of cloud computing, companies are still buying software. And it is more cost effective to buy an application and plug it into your system than it is to develop anew. How many third-party applications has your company bought off the shelf? How … Continue reading Trust Your Third-Party Applications? Think Again….
Everyday there is a new threat with seemingly innocent emails being sent out that look close to an official correspondence from a company, from Paypal, ADP and BBB – to name a few. Cybercriminals are mimicking the online payment processor PayPal in a malicious spam campaign that attempts to dupe customers into downloading malware from … Continue reading Fake PayPal Emails Distributing Malware
Security is not a list of things you do. Security is a way of thinking, a way of looking at things, a way of dealing with the world that says “I don’t know how they’ll do it, but I know they’re going to try to screw me” and then, rather than dissolving into an existential … Continue reading Top 10 PHP Security Vulnerabilities