Privacy and security news and privacy and security widget

Date : Sun, 05 Oct 2008 18:39:49 -0700 Axis News 05.10.2008 Eurasian security services Daily Review AIA REVIEW TOPICS:Georgian secret services accused of bombing Russian peacemakers' HQs in Tskhinvali No ...

A workaround emerged from Oracle as news circulated of a remotely exploitable flaw, without requiring authentication, involving the WebLogic platform.Both the WebLogic Server and WebLogic Express products, acquired by Oracle when the company purchased BEA, suffer from the newly disclosed vulnerability. SANS internet Storm Center said the problem stems from the Apache Connector used by the products. A WebLogic advisory noted the flaw could be exploited without authentication. Sites using Apache servers that are already configured with the mod_security module are protected from this vulnerability by the default core ruleset, according to the advisory. Using mod_security with the WebLogic plug-in for Apache serves as one workaround suggested by Oracle. The other workaround calls for an edit to httpd.conf and a restart: It is possible to configure Apache and avert this vulnerability by rejecting certain invalid requests. To do so, add the following parameter to the httpd.conf file and

The same critical DNS issue that HD Moore and his associates raced to include in their security testing toolkit, the Metasploit Project, bounced back against the noteworthy security researcher.Security pros and other techies who see the boundary-pushing actions of Moore and Metasploit as more of a hindrance than a help to security may have enjoyed the schadenfreude surrounding Moore today. Moore detailed what happened on a blog post at Metasploit. The incident hit an AT&T DNS cache server; the affected machine coincidentally served "as an upstream forwarder for an internal DNS machine at BreakingPoint Systems," which is Moore's company. "This attack affected anyone in the Austin, Texas region using that AT&T internet Services (previously SBC) DNS server. The attack itself was not malicious, did not load malware, and from an operational standpoint, had zero impact," said Moore. Employees at his company noticed problems when the cache-poisoned DNS machine at AT&T returned a 404 error

Over the past five years, the anti-virus market has experienced tremendous growth as many new technologies have emerged in response to current conditions.What was once a market consisting of very few players has evolved into a multi-billion dollar enterprise consisting of dozens of companies with huge assortment of anti-virus products varying in focus and quality. According to analysts, the global anti-virus market is forecasted to surpass $58 billion by 2010 with the introduction of new technologies in the areas of data loss prevention, virtualization security, security-as-a-service and many others. Despite this growth, the technology behind anti-virus today is highly inefficient when it comes to protecting against modernized threats. This is fueled by the fact that vendors simply can't keep up with all of the new malware surfacing each and every day. The situation has created a breakdown in the quality and effectiveness of their underlying core technology. 1 This problem is evide

FA licien and La Tuque in the Saguenay. - Last day to vote at advance polls in the federal election.

Description * Intel Core 2 Duo T5500 Dual Core Mobile Processor * 1GB PC2-4200 DDR2 Memory * 160GB 5400rpm SATA Hard Drive * 8x DVD+/-RW Dual Layer Burner * 15.4" WXGA Wide Screen LCD * NVIDIA GeForce Go 7400 ...

Store owners no longer need to use expensive satellite or dial-up connections and can eliminate costly credit card transactions surcharges in favor of a low monthly flat rate.

The House of Lords will debate personal internet security on Friday, with the aim of assessing the progress the government has made on protecting the public.

The 3Com OfficeConnect internet Firewall DMZ provides affordable Internet security for up to 100 users on your local area network .

The House of Lords will question the government on the subject of internet security in a debate on Friday.