Search / 9 posts tagged core-security

Sometimes I see myself as something of a social anthropologist. I'm really fascinated by the social, interpersonal and individual dynamics of how people interact, communicate and work together. I had a great opportunity to observe exactly that through the social networking that occurs among the network security community while at Black Hat this week.

Vendor parties during Black Hat USA is always interesting, because the conference is in Las Vegas. Here is a list of vendors that I know of that are throwing parties this year at Black Hat USA 2008. Tuesday, August 5th Qualys Fortify Wednesday, August 6th Arbor Networks MANDIANT WASC / OWASP

Security, Software, enterprise Wade Roush wrote: If you’re a typical homeowner, it would probably be overkill to have a live-in plumber who spends all his time checking the pipes for leaks. But if your plumbing system were constantly getting new parts, carrying volatile new liquids, and fending off corrosive agents, it might not be such a bad idea.

So, turns out there’s been a security hole that could let anyone hack into various cities’ water treatment plants, natural gas lines, or potentially even nuclear power plants. It could give them the access to stop treatment of an entire city’s water supply, shut off electricity for countless communities, or do any number of other damaging things.

According to researchers at Core Security, the bugs discovered by them in the calendar application iCal in January are still not patched even though they promptly informed Apple about it. The firm found three security flaws which may seriously jeopardize the user system if exploited.

Just yesterday, Core Security Technologiys said the Apple's iCal calendar applicationfound out to contin three vulnerabilities that allow a hacker to crash the application. "The most serious of the three vulnerabilities is due to potential memory corruptionresulting from a resource liberation bug

See cached article | See other articles from this feed | Abuse Report After months of back-and-forth and multiple delays by Apple, Core Security is sounding a public alarm on critical vulnerabilities in the iCal calendar program Tags: ical calendar program, apple, multiple delays, core

There were a couple of random things that I wanted to comment on. The first was a post by Dave Lewis of Liquidmatrix. The post in question is a discussion of a Wonderware advisory released by Core Security and the level of detail that they provided. Dave doesn't agree with the level of detail provided...

It seems like security/pen-testing software can be quite lucrative - especially with the prices Core Security charge for their flagship tool Core Impact (Around $25,000 per seat?). They have offices in two countries and are now looking to expand into new markets, anyway this is a bit of corporate security news for a change.