search for: cybercrimin

...ty weaknesses, including some classified as ?high? severity. <...> The patch is likely to set off a mad scramble by security teams at organizations that rely on OpenSSL. That?s because security updates ? particularly those added to open-source software like OpenSSL that anyone can view ? give cybercriminals a road map toward finding out where the fixed vulnerabilities lie and insight into how to exploit those flaws. Indeed, while the OpenSSL project plans to issue the updates on Thursday, Mar. 19, the organization isn?t pre-releasing any details about the fixes. Steve Marquess, a founding partner...

...ly fast and reliable. But they may also be far more hackable. Security professionals at the Black Hat conference in Las Vegas spent Wednesday outlining the exploitable vulnerabilities in voice over Internet protocol technology, or VoIP. In a series of presentations, they demonstrated ways in which cybercriminals can eavesdrop on VoIP calls, steal data from Internet telephony devices, intercept credit card numbers from VoIP connections and shut connections down altogether. "VoIP is about convergence. The idea is that you save money and resources and time," said Barrie Dempster, a senior securi...

Hi All, Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the