BANKERSONLINE.COM MAIN PAGE
 Print Friendly Version!  Email This Article!  Discuss NOW!
|
Update for July 28, 2006 to August 3, 2006
 Welcome to Tech Talk! Security researchers released several new methods to exploit information systems security vulnerabilities at this week's BlackHat security conference. US-CERT announced 82 new vulnerabilities in software from Microsoft, Mozilla, Oracle, Sun and Apache. Apple, Mozilla and McAfee all released security patches this week, and a new credit card with the capability to generate one-time passwords was announced. These stories and more in this week's TechTalk.
-- Jeff Patterson, BOL GURU
Notes from BlackHat
The BlackHat security conference took place in Las Vegas this week. Leading security researchers presented new methods to exploit vulnerabilities in computers and software applications. Three topics caught the media's attention.
- The most troublesome is the apparent lack of security in many wireless network drivers. Researchers at the conference demonstrated using a flaw in an Apple Macbook to seize control of the computer. See the WashingtonPost for a blog entry.
- Another development at the conference was the apparent ease in which RFID tags to be issued in the new US passports could be cloned. Wired has the story.
- And new tools to test VoIP security were released at the conference. These tools can be used to overload VoIP systems, redirect calls, and force hang-ups. CNET has more.
You can find out more about this year's conference at BlackHat.
CERT Highlights 82 New Vulnerabilities
The US-CERT Vulnerability Summary for the Week of July 24, 2006 lists twenty-seven High severity vulnerabilities including flaws in Oracle, Symantec PC Anywhere and Ethereal. An additional sixteen Medium severity and thirty-nine Low severity vulnerabilities in Oracle applications, Microsoft Windows operating systems, Sun Solaris operating system, Microsoft's Internet Explorer, Apache's Tomcat, and 3Com's Tipping Point IPS appliances.
US-CERT Alerts
US-CERT published alerts for multiple vulnerabilities in Mozilla products including Firefox, Thunderbird, and SeaMonkey and Apple Mac products from OS X to the Safari web browser.
Apple Addresses Vulnerabilities
The US-CERT alert for the Apple products follows Apple's security release this week. The release addresses more than two dozen security vulnerabilities. Information about the release is available from Apple.
Mozilla and McAfee Releases
Mozilla released Firefox 1.5.0.6 to patch a bug introduced in last week's 1.5.0.5 update that affected the Windows Media Player plug-in. TechWeb has the complete story.
McAfee released a patch on Wednesday for their McAfee SecurityCenter application to address a vulnerability that could allow remote code execution. Details of the patch release are available from CSOOnline.
Microsoft patches due next week
Microsoft is preparing to release patches next week for twelve security vulnerabilities. These vulnerabilities include ten in Windows and two in Office. At least two of the vulnerabilities are considered critical. Additional information is available from Microsoft.
Innovative Credit Card to Fight Fraud
InCard has released a new credit card with built-in one-time password generation capabilities to aid in the fight against identity theft and online fraud. Details about the card are available from InCard and through a CNET video broadcast.
|
| CD ROM Training |
 CD ROM Training |
 CD ROM Training |
 CD ROM Training |
|
| Policies/Job Descriptions & Related Sites |
|
|
| Featured Tech Vendors |
RSA Consumer Solutions
RSA Consumer Solutions provides online security and anti-fraud solutions for financial institutions. Its portfolio includes risk-based and segment-based authentication, anti-Phishing/Pharming services and Transaction Monitoring. For more information, visit www.rsasecurity.com/consumer.
|
|
| Archived Technology and eBanking |
You have access to the previous Tech Talk pages and the Tech Alerts on BankersOnline's Technology & eBanking page. |
|
|
