Monthly Archives: September 2011

Access woes

An OEM manufacturer was operating on an old revision of a mainstream ERP that they were planning on replacing in the near future. Over the years, the company had tried different access methodologies for this ERP, always starting but never … Continue reading

Posted in Sarbox Services | Leave a comment hacked, redirects users to malware-laden sites

The attack follows word at Russian underground forums that root access to was being sold for US$3,000. Read More

Posted in News | Leave a comment

Crystal Reports Input Validation Flaw in ‘pubDBLogon.jsp’ Permits Cross-Site Scripting Attacks

A vulnerability was reported in Crystal Reports. A remote user can conduct cross-site scripting attacks. The software does not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be … Continue reading

Posted in News | Leave a comment

First SpyEye Attack on Android Mobile Platform now in the Wild

Trusteer – It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform. Ever since Man in the Mobile attacks (MitMo/ZitMo) first emerged in late 2010, SpyEye followed Zeus’ tracks by … Continue reading

Posted in News | Leave a comment

Cisco Releases 2 New Security Advisories

Cisco IOS® Software Release, 15.1(2)T is affected by a denial of service (DoS) vulnerability during the TCP establishment phase. The vulnerability could cause embryonic TCP connections to remain in a SYNRCVD or SYNSENT state. Enough embryonic TCP connections in these … Continue reading

Posted in News | Leave a comment