Threat Center Security News
Security News
AWStats Cross-Site Scripting Vulnerability Print E-mail
Written by Rebecca Mints   
Monday, 18 August 2008 00:54

 

Morgan Todd has discovered a vulnerability in AWStats, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed in the URL to awstats.pl is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Read more...
 
Gtron Threat Level on iGoogle Print E-mail
Written by Rebecca Mints   
Friday, 15 August 2008 03:56

 

iGoogle users can now add Gtron Solutions Top News and the WTW Threat Level to their iGoogle home page! Read security news feeds and stay aware of the current Internet threat level within a single gadget by clicking the google button. Add to Google
Read more...
 
Vulnerability Management Delivers High ROI Print E-mail
Written by Rebecca Mints   
Thursday, 14 August 2008 12:40

 

"Best-in-Class organizations in this study realized excellent marginal returns on their vulnerability management initiatives. For every $1.00 invested in VM, they avoided an estimated $1.91 in vulnerability-related costs, for a marginal ROI of 91%. This compares to $1.43 in avoided costs per $1.00 of investment for all respondents, which is still a very healthy marginal ROI." - Aberdeen Group

Read more...
 
Joomla Password Change Vulnerability Print E-mail
Written by Rebecca Mints   
Monday, 11 August 2008 19:00

The Joomla "token" password change vulnerability was reported by d3m0n. It can be exploited by malicious people to bypass security restrictions and manipulate data maliciously.
Read more...
 
Sarbanes-Oxley : Finance / Risk Management Print E-mail
Written by Rebecca Mints   
Monday, 11 August 2008 02:04

Quoted from http://www.s-ox.com - Dave Eike

Objective:

Get auditors and compliance officers to understand that vulnerability management improves real system security while simultaneously assuring SOX compliance.
Read more...
 
More Articles...


Page 14 of 33

WTW Threat Level