Recherche dans le site/ Search this Blog:

Login



Sécurité / Security
Asterisk FreePBX Security: FreePBX Backdoor Passwords Pose Asterisk Security Threat; Here is more robust solution to eliminate this possibility Imprimer
Écrit par Alain Côté   
dimanche, 01 mai 2011 16:44

We received an email from one of our provider pointing to a Nerd Vittles article warning about hidden admin passwords by which hackers could gain admin access to FreePBX/Asterisk installations granted such installations can be accessed through the Internet. You should always protect your FreePBX installation by forcing users that need to access it through the Internet to use a a VPN or SSH port redirection. This might be inconvenient for some customers so keep on reading...

 

Mis à jour / Last updated ( samedi, 07 mai 2011 18:09 )
Lire la suite / Read more...
 
Hacker Redirects Barack Obama's Site Imprimer
Écrit par DarkAges   
jeudi, 24 avril 2008 02:39

According to Paul Mutton of Netcraft.com, "A security weakness in Barack Obama's website has been exploited to redirect visitors to Hillary Clinton's website. Visitors who viewed the Community Blogs section of the site were instead presented with Clinton's website as a result of a cross-site scripting vulnerability." The article closes with "While Mox states that the original issue has now been fixed, a number of similar vulnerabilities have since been identified and remain unfixed, and are documented on xssed.com, which notes that such vulnerabilities open up opportunities to infect Obama's supporters and site visitors with malware, adware and spyware."

Mis à jour / Last updated ( mercredi, 31 décembre 1969 15:00 )
 
Linux local root exploits for kernel 2.6.17 to 2.6.24.1 Imprimer
Écrit par Alain Côté   
mardi, 12 février 2008 20:13

There is a security hole in Linux kernels 2.6.17 to 2.6.24.1, several exploits have already been written :

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0600

Solution

Upgrade to kernel 2.6.24.2 or visit your distribution web site and download a patch for your kernel version.

 

Mis à jour / Last updated ( mercredi, 13 février 2008 02:40 )
 
Planning a Recovery That Isn't a Disaster Imprimer
Écrit par Alain Côté   
mercredi, 23 janvier 2008 07:26
"Our overwhelmed security manager wants her disaster recovery plan to be more than an exercise in filling in the blanks."
Trouble Ticket

At issue: The disaster recovery plan isn’t worth the paper it’s printed on.

Action plan: Devise something of real value despite tight resources.
Mis à jour / Last updated ( mercredi, 26 mars 2008 23:37 )
Lire la suite / Read more...
 
Wireless Headset for Office Phones Hacked Imprimer

"From the article, "In offices all over the world, users are becomingly increasingly enamored with those wireless "hands-free" headsets that allow the speaker to move around the office while continuing a conversation on the phone. But have you ever wondered how secure those headsets are? So have we. Recently, we had the chance to find out — and what we discovered was downright scary."

 

Mis à jour / Last updated ( mercredi, 26 mars 2008 23:38 )
Lire la suite / Read more...
 
« Début/StartPréc/Previous12Suivant/NextFin/End »

Page 1 de 2



Consultez TOUS nos fils d'actualité ici. / View ALL our newsfeed here.