01.30.06
Posted in security, hacking at 11:09 am by HowardG
Cisco Systems recently published a security alert and a fix for its Cisco CallManager product, a piece of call-processing software that works with Cisco’s IP telephony solution. According to the alert, all versions of CallManager are vulnerable to Denial of Service attacks, which could result in interrupted VoIP services or servers rebooting. The Cisco report says that versions of CallManager “do not manage TCP connections and Windows messages aggressively,” and leave known ports vulnerable to Denial of Service attacks. The vulnerability could also allow a user with read-only privileges to gain full administrative access to the system.
In addition to deploying the free software fix available from Cisco, users should also secure the CallManager through standard best practices to minimize the possibility of a successful attack. Read the rest of this entry »
Permalink
01.22.06
Posted in security, privacy, law at 4:19 pm by HowardG
The Federal government has been attempting to force Google and other major search engines to turn over information from their databases. Since September 11, the Bush administration has rankled privacy advocates with a host of new measures that infringe on the rights and privacy of citizens, in the name of the fight on terrorism and under the banner of the Patriot Act.
In court papers filed in the U.S. District Court of San Jose, the Department of Justice noted that Google has not complied with a subpoena it issued last year. Read the rest of this entry »
Permalink
01.03.06
Posted in security, spyware, microsoft, hacking at 11:15 am by HowardG
Security experts discovered a serious vulnerability in late December, through which hackers can attack a fully patched Windows XP or Windows Server 2003 system. The vulnerability involves the OS handling a corrupted Windows Metafile (.WMF) graphic file.
Microsoft has not released a fix for the vulnerability, which has already caused significant damage. Read the rest of this entry »
Permalink