Intrepidus Group announced that they've identified dangerous vulnerabilities in the Palm Pre WebOS. The vulnerabilities illustrate one more reason why we would NEVER use an off-the-shelf mobile device for online banking or anything else really sensitive. Even if the on-line bank app was written without security flaws [which is more than doubtful], flaws in the underlying OS [or Trojan horses embedded in other apps] just make it way too dangerous. Don't be lulled by the fact that Palm has already released an update to WebOS. Remember the mantra: All complex software is flawed and has vulnerabilities.
Read more at V3.co.uk ...
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
▼
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
-
▼
April 2010
(39)
- NSA Reviews Future Cybersecurity Techniques, Techn...
- Facebook's Social Web: Protecting Your Privacy
- Rapport: A Potential Tool for Lowering Risk of Onl...
- Congressman Asks FTC to Investigate Privacy Risks ...
- Infamous Spam-Sending "Storm Worm" Stages a Comeback
- Report Shows Weaknesses in Anti-Virus Engines
- Money Mules: The Final Link in Getting Your Money ...
- Cybercriminals Learn to Hide Their Malware From Se...
- Analysis of 43 Online Bank Thefts Illustrates Dive...
- White House Moves to Focus Cybersecurity Strategy ...
- Symantec 2009 Global Internet Security Threat Report
- Fire Alarm Company Burned by e-Banking Fraud
- Cybercriminals Take Advantage of McAfee Snafu
- Social Engineering Case Study: Google Hackers Dupe...
- McAfee Antivirus Software Locks Up PCs
- Health Care Survey: Slow Hospital Compliance with ...
- China-Google Controversy Illustrates Cloud Securit...
- Rent-a-Fraudster: A Fascinating Look at the Cyberc...
- GAO report says IRS Blase' about Cybersecurity
- Mozilla Disables Insecure Java Plugin in Firefox
- A Security Flaw in Palm Pre Demonstrates Need for ...
- California Senate Passes Strengthened Data Breach ...
- Changing Culture Improves Organization's Data Priv...
- Visitors to Web Sites Hosted by Network Solutions ...
- $500 Buys Entry-Level Cybercrime Exploit Pack
- Java Patch Targets Latest Attacks
- U.K. Approves Crackdown on Internet Pirates
- In cyberwar, who's in charge?
- ISP Privacy Proposal Draws Fire
- Cybersecurity Coordinator Howard Schmidt: Private ...
- Computer Crooks Steal $100,000 from Ill. Town
- Researchers begin work on 'sophisticated' security...
- e-Banking Guidance for Banks & Businesses
- Security Updates for Foxit, QuickTime/iTunes
- Cyber Security Survey Finds Businesses' Most Valua...
- Cybercriminals Find Way to Test Malware Before Lau...
- Java Patch Plugs 27 Security Holes
- Cybercrime Gangs Fight Each Other Over Desktops
- Washington State Law Requires PCI Compliance; Allo...
- ► March 2010 (65)
- ► February 2010 (38)
- ► January 2010 (27)
-
►
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com