ZDNet Definition for: CERT

Additional Resources

SecFocus RSS Reader for iPhone 1.0 (Mobile)

SecFocus RSS Reader for iPhone receives information from a variety of RSS news sources which includes security focus news and vulnerabilities, ISCA labs, SANS, RootSec, Apple, Oracle, Linux, Sun, Ubuntu, Symantec, CERT, and Microsoft. SecFocus RSS Reader for iPhone contains frequently updated information--such as blog information, news headlines, audio, and...

Tags: Apple iPhone, Mobile, Blog, Pivot Studios, Smart Phones, Blogging, Consumer Electronics, Personal Technology, Internet

Software downloads 2009-10-30

US-CERT warns about BlackBerry spyware app

Justification for Apple's model?It can't be said just yet, but it's looking like a pool of trusted applications may be a good idea after all, despite the level of control wielded by Apple.No....Gee, just because someone releases a spyware app doesn't mean we need to only let RIM distribute apps....

Tags: Spyware, adware & malware, Cyberthreats, Handhelds, spyware app, Apple Inc., BlackBerry spyware app, US-CERT Warns, spyware, US-CERT, RIM BlackBerry, phone

Discussion threads 2009-10-28

US-CERT warns about BlackBerry spyware app

A free BlackBerry spyware application has been released to allow an attacker to call a user's BlackBerry and listen to personal conversations. by Ryan Naraine

Tags: RIM BlackBerry, US-CERT, Spyware, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Handhelds, Hardware, Ryan Naraine

Blog posts 2009-10-28

Mozilla 'Plugin Check' keeps Firefox add-ons secure

Nice!There are other ways to check for these kind of updates Securina PSI for example, but every little bit helps.RE: Mozilla 'Plugin Check' keeps Firefox add-ons secureGreat service, can't argue with that.Humor - I clicked on the link and gotThis Connection is UntrustedYou have asked Firefox to connectsecurely to www-trunk.stage.mozilla.com,...

Tags: Web browsers, Mozilla Corp., Mozilla Firefox, security, plug-in

Discussion threads 2009-10-09

Cover Your Assets from September-December with Certification Programs

Hiya. You should consider deep diving into the upcoming Cert calendar so you don't fall down on your assets in '09. I suggest you take control of your information assets. Has anybody gone through the Enterprise Content Management ECM Certificate Program? The answer better be "yes." According to AIIM (don't...

Tags: Asset, Enterprise Content Management, Asset Management, Content Management, Operational Planning, Business Operations, Enterprise Software, Software, Doc

Sponsored content 2009-08-30

Why do email Digital Signatures have to be such a pain in the ass?

Use Help in NotesI got to the part where it allows you to import a pkcs12 and PKCS7 file quite easily using it.However, the whole thing is stupid. I could easily "fake" a certificate by sending the verification to numerous e-mail accounts to trick the system into trusting me.RE:...

Tags: Digital signatures, Authentication/Encryption, Digital security, SECURITY, email digital signature, digital signature, e-mail

Discussion threads 2009-08-18

Pragmatic new models for enterprise architecture take shape

This is really greatVery articulate and overall wonderful!EA, Emergent Architecture and Optimized Engagement ModelsMr Hinchcliffe,Great post. Id like to point out that our research shows the best way to move to a more responsive, agile and deliberate architect organization is through an active engagement model which employs all 'types' of...

Tags: Business process automation, Operational planning, Strategy, Enterprise software, BPM, Electronic Arts Inc., EA Team, enterprise architecture

Discussion threads 2009-08-12

Are health IT vendors trying to pull a fast one?

Not sure about your last question, i guess he would be the best person...to ask.I think that sage, GE, siemans and mckesson do have the experience necessary to make good decisions, but these are also the guys who make software for the healthcare field.Maybe their vested interest also includes self...

Tags: Vertical industries, Benefits, HEALTHCARE, Quality, HIT Standards Committee, Kibbe, health care

Discussion threads 2009-08-10

Major security holes in popular XML libraries

A security research outfit has issued a warning for several critical vulnerabilities in popular XML libraries used by a wide range of software vendors. The flaws, discovered earlier this year by Codenomicon, affect a wide range of technology products, including servers and server applications, workstations and end...

Tags: Vulnerability, Server, XML, Security, Software/Web Development, Web Development, Ryan Naraine

Blog posts 2009-08-06

Code Red for XML open source

Codenomicon said it found the issues early this year while developing a product for XML testing, and has already been working with Finland's CERT-FI on remediation. by Dana Blankenhorn

Tags: Code Red Worm, XML, Open Source, Software/Web Development, Web Development, Dana Blankenhorn

Blog posts 2009-08-06

Open-source XML-enabled application risk identified

Since XML is the foundation of all things SOA, any perceived security vulnerabilities need to be looked at very seriously. At issue appear to be XML-enabled applications built in Python, the open source language. Network World's Ellen Messmer surfaced an advisory, issued by Codenomicon, working in conjunction...

Tags: Vulnerability, SOA, Service-Oriented Architecture (SOA), XML, Security, Open Source, Web Services, Enterprise Software, Software, Software/Web Development, Web Development, Joe McKendrick

Blog posts 2009-08-05

Researchers find insecure BIOS 'rootkit' pre-loaded in laptops

LAS VEGAS -- A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers. The service -- called Computrace LoJack for Laptops -- contains...

Tags: Laptop Computer, Rootkits, BIOS, Security, Spyware, Adware & Malware, Hardware, Components, Ryan Naraine

Blog posts 2009-07-30

Attack code posted for unpatched Firefox 3.5 flaw

Attack code posted for unpatched Firefox 3.5 flawA more effective mitigationThe US-CERT vulnerability note has a better mitigation:http://www.kb.cert.org/vuls/id/443060Essentially, go to about:config and set javascript.options.jit.content to "false"Not going to workThat is the main reason why the Javascript engine is so fast in Firefox 3.5. Turning it off totally NEGATES the upgrade...

Tags: Web browsers, Firefox 3.5, Mozilla Firefox

Discussion threads 2009-07-14

Attack code posted for unpatched Firefox 3.5 flaw

Mozilla's security response team is scrambling to respond to the release of exploit code for a gaping hole in the latest version of its flagship Firefox browser. The flaw, rated "highly critical by Secunia, puts millions of Firefox users at risk of remote code execution attacks. ...

Tags: Mozilla Firefox, Flaw, Vulnerability, Web Browser, Attack, US-CERT, Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2009-07-14

ImageShack hacked by anti-full disclosure movement

ImageShack hacked by anti-full disclosure movementImageShack should have used Linuxas this would be a non-issue.There's no guarantee with shareThese sites just make it fun for people to enjoy the Internet.RE: ImageShack hacked by anti-full disclosure movementI do not agree with AntiSec. I believe that it is the responsibility of...

Tags: SECURITY, Full-Disclosure, ImageShack, disclosure movement

Discussion threads 2009-07-13

Building high-performance, luxury computers in a recession

Building high-performance, luxury computers in a recessionTheir systems are garbageThey only offer the completely outdated Rampage II, they use garbage ram, their build quality is shoddy and they advertise 'upgrade to win 7 free!' like it's anything special oem versions currently ship with a free upgrade cert.On top of this,...

Tags: Building High-Performance, luxury computer, recession

Discussion threads 2009-07-02

LogMeIn's IPO: The VCs made money. Will you?

LogMeIn's IPO: The VCs made money. Will you?This SMB ...... uses windows Remote Desktop and is investigating Direct Access in W7. No money left for addons when the OS does the job.That's fine if you have the capacity and ability to forward portsBut for me there are times when I...

Tags: Firewalls, Domain names, Network security, NETWORKING, SECURITY, DNS name, firewall, LogMeIn IPO, DNS, LogMeIn, IPO

Discussion threads 2009-07-01

Enterprises and employees have iPhone disconnect

Enterprises and employees have iPhone disconnectCertificate issuesThese things are a nightmare to setup using Exchange ActiveSync with a 2003 SBS combined with a Go Daddy certificate. I still won't recommend them, get an HTC.RE: Enterprises and employees have iPhone disconnectI don't understand why these businesses think cost is such...

Tags: Telecom & Utilities, Mobile applications, Apple iPhone, Go Daddy, phone

Discussion threads 2009-05-28

Apache or GPL?

Apache or GPL?Are pigs flying.This was an unbiased article and an excellent read.Name me one company that makes a LOT of moneyusing GPL'd code.Hint: $25 million a YEAR Red Hat earnings is NOT a lot of money.$9.74 billion a QUARTER Apple IS a lot of money.False Premise"On the other hand,...

Tags: OPEN SOURCE, GPL, Apache Software Foundation

Discussion threads 2009-04-29

Windows AutoRun gets a makeover to combat malware

In direct response to Conficker and an increased wave of malware attacks targeting the dangerous Windows AutoRun mechanism, Microsoft today announced significant changes to the way the operating system operates when USB drives are used. [ Roel Schouwenberg: Is...

Tags: Change, Malware, USB Flash Drive, Windows AutoRun, Microsoft Windows, Cyberthreats, Spyware, Adware & Malware, Flash Memory, Viruses And Worms, Operating Systems, Security, Software, Ryan Naraine

Blog posts 2009-04-28