Mobile Version
Subscribe
Contact Us
About Us
Advertising
Editorial
SC UK
SC Aus/NZ
Home
News
Features
Opinions
News Bytes
Editorial Videos
In Focus Videos
Products
Podcasts
Canada
Newsletters
Products
Group Tests
First Looks
Products
About Reviews
Blogs
The News Team Blog
The Data Breach Blog
The SC Magazine Awards Blog
Extras
ebooks
Case Studies
Slideshows
Spotlights
Buyers Guide
Whitepapers
IT Security Jobs
Events
SC Awards U.S.
SC Congress Canada
SCWC 24/7
SC Awards Canada
SC Congress New York
Editorial Webcasts
Vendor Webcasts
Subscribe
Newsletters
Subscribe to SC
Archive
Archive
Featured Topics:
Patches
Malware
Breaches
Government
Cybercrime Corner
Congress Canada
Canada News
RSS
|
Login
|
Register
Vulnerabilities & Flaws
Trojan appears that leverages patched Microsoft Office flaw
Dan Kaplan
February 09, 2012
The exploit, which is being used in targeted attacks, arrives as an email that contains a Microsoft Word file and a separate DLL file, a rare combination considering DLL files are not typically sent over email.
Microsoft issues patch plans, includes Internet Explorer fix
Greg Masters
February 09, 2012
Tuesday's monthly patch batch from Microsoft will be relatively light, with the software giant planning nine fixes -- four rated "critical" -- to address 21 vulnerabilities.
WordPress attacks try to infect users with dangerous rootkit
Dan Kaplan
February 01, 2012
Automated attackers are trawling the web for vulnerable WordPress blogs so they can silently redirect users to dangerous exploits. So far, however, the number of victims is in the hundreds.
Just-patched critical Microsoft bug under attack
Dan Kaplan
January 26, 2012
Researchers warned Thursday that a recently patched vulnerability in Windows Media is being used by remote attackers to launch malware.
Oracle to ship 79 patches next week
Dan Kaplan
January 12, 2012
As part of its quarterly security update, Oracle on Tuesday is planning to release 79 patches to address vulnerabilities across its product line.
Adobe patches Reader bugs, releases new JavaScript feature
Dan Kaplan
January 10, 2012
Adobe joined Microsoft with software updates on Tuesday for Reader and Acrobat. In addition, the PDF software company released a new capability that allows JavaScript to run based on document trust.
Microsoft issues seven security patches, BEAST fix included
Stephen Lawton
January 10, 2012
While Tuesday's security update only contains one fix for a "critical" issue, it addresses a number of issues that could lead to malware infestations.
Adobe to release quarterly updates to address critical bugs
Greg Masters
January 06, 2012
Adobe announced Friday that it intends to release its quarterly updates next week.
HP "fire" bug patched on dozens of printers
Dan Kaplan
January 05, 2012
HP has quietly delivered a fix for a vulnerability in some of its printers that could be leveraged to steal sensitive documents, gain control of corporate networks, or even set the affected devices on fire.
Microsoft preps seven security patches
Dan Kaplan
January 05, 2012
The security update, which plans to address eight vulnerabilities, will include one "critical" fix.
WordPress releases update following security issue
Dan Kaplan
January 04, 2012
WordPress has made available version 3.3.1 of its popular blogging software, which closes 15 vulnerabilities, including a cross-site scripting hole that was revealed Monday by two Indian security researchers.
At 10 years old, Internet Explorer 6 is almost an artifact
Dan Kaplan
January 04, 2012
Internet Explorer 6 (IE 6) usage has dropped below one percent in the United States, Microsoft announced Tuesday. Security is a big reason being used to encourage users to update.
Microsoft delivers rare out-of-band patch for ASP.NET issue
Dan Kaplan
December 29, 2011
Some Microsoft engineers likely spent the holidays prepping a patch for a dangerous denial-of-service vulnerability affecting the .NET Framework.
Vulnerability allows brute force hacking of wireleless routers
Dan Kaplan
December 28, 2011
A computing standard than enables users to easily stand up an encrypted wireless network suffers from a design weakness that could enable attackers to gain router access, according to US-CERT.
Microsoft scrambles to address widespread ASP.NET bug
Dan Kaplan
December 28, 2011
There is no holiday lull for Microsoft, as the software giant is working to address a potentially dangerous denial-of-service vulnerability impacting its entire .NET Framework. Other vendors may be impacted too.
Mozilla fixes crash issue after new Firefox version issued
Angela Moscaritolo
December 22, 2011
One day after releasing version 9 of its Firefox web browser, Mozilla on Wednesday issued Firefox 9.0.1 to address an issue that caused Windows, Mac and Linux users' browsers to crash.
Researcher finds Microsoft Windows 7 security bug
Dan Kaplan
December 20, 2011
The vulnerability is present on a Windows driver file and is exploited via the Apple Safari browser.
Out-of-band fix for Adobe Reader security issue coming Friday
Angela Moscaritolo
December 15, 2011
An out-of-cycle patch is coming to fix a flaw in Adobe Reader and Acrobat 9 for Windows.
Chrome 16 includes 15 vulnerability fixes
Angela Moscaritolo
December 14, 2011
Google on Tuesday released Chrome 16, which includes fixes for 15 security vulnerabilities.
"Critical" Microsoft security bugs at lowest level since 2005
Angela Moscaritolo
December 14, 2011
Microsoft officials credit more robust software security design with a diminished number of bugs garnering the tech giant's most severe rating.
Thirteen patches from Microsoft, including Duqu fix
Dan Kaplan
December 13, 2011
Tuesday's baker's dozen of security patches from Microsoft includes a fix for a vulnerability that helped spread the dangerous information-stealing Duqu trojan, which targets industrial control systems.
Oracle updates Java, Adobe patches ColdFusion
Angela Moscaritolo
December 13, 2011
An update from Oracle clears up, among other vulnerabilities, an issue that caused Java 6 Update 29 to break SSL connectivity. Meanwhile, Adobe offered a fix for its ColdFusion development platform.
Three "critical" patches to be in Microsoft security update
Dan Kaplan
December 08, 2011
Microsoft on Tuesday is scheduled to release 14 patches to fix 20 vulnerabilities across its product line.
Lockheed Martin hit, but not breached, with Adobe zero-day
Angela Moscaritolo
December 08, 2011
Defense contractors appear to be the prime target of sophisticated malware that attempts to take advantage of an unpatched flaw in Adobe Reader and Acrobat software.
Group brings lawsuit against HP over printer "fire" bug
Dan Kaplan
December 06, 2011
A New York man who owns two Hewlett-Packard printers has brought a class-action lawsuit against the technology giant over a vulnerability that opens the device up to a hacker attack.
MIT researchers suggest power grid security oversight
Angela Moscaritolo
December 06, 2011
While a number of entities have a stake in maintaining the cyber security of the U.S. electric grid, no single organization is currently responsible for overseeing protection across all aspects of grid operations.
Adobe to issue emergency fix for Reader security bug
Dan Kaplan
December 06, 2011
Adobe warned Tuesday of an unpatched vulnerability in its Reader and Acrobat software after catching wind of active exploits by cybercriminals.
New mass SQL injection attack could be forming
Dan Kaplan
December 02, 2011
Based on a Google search of a malicious SQL string being used, more than 4,000 websites have been infected in less than 24 hours.
"Significant" security threats found in Android devices
Angela Moscaritolo
December 02, 2011
Android phones from leading manufacturers -- including HTC, Motorola and Samsung -- contain pre-loaded applications that do not properly enforce the platform's permission-based security model.
New Java exploit one of many impacting firms
Dan Kaplan
December 01, 2011
A new exploit, which has made its way into the Metasploit framework, underscores the danger posed by Java vulnerabilities, which are responsible for many of today's enterprise malware threats.
Sponsored Links
Most Popular
Most Emailed
Most Recent
FBI call gives clues into Anonymous, LulzSec probes
Anonymous raids law firm over its defense of Marine
Deadline looms to remove click-fraud malware
Security breaches impacting VeriSign emerge in filing
MasterCard announces product future around EMV
Risk: Security's new compliance
Don't let Wi-Fi hotspots get the best of you
Attacks could steal HTC Wi-Fi codes with malicious app
Symantec code posted despite attempt to trap suspect
Google using custom malware scanner for Android apps
Risk: Security's new compliance
Deadline looms to remove click-fraud malware
FBI call gives clues into Anonymous, LulzSec probes
Anonymous raids law firm over its defense of Marine
Phishing email leads to Denver area health care breach
Don't let Wi-Fi hotspots get the best of you
Security vendors can no longer ignore patch management
Google using custom malware scanner for Android apps
Lessons on insider threats
Security breaches impacting VeriSign emerge in filing
Trojan appears that leverages patched Microsoft Office flaw
Microsoft issues patch plans, includes Internet Explorer fix
Standards body to certify PCI end-user experts
Breaches aided by weak passwords, poor AV detection
Hacktivist-led DDoS is now the most common type, study finds
Anonymous renders Canadian Nazis not-so-anonymous
Cavoukian slams Supreme Court
SDA, McAfee mark Canada's card
Symantec code posted despite attempt to trap suspect
MasterCard announces product future around EMV
Powered by Disqus
Popular Topics
Analyst Reports & Industry Surveys
Android
Anonymous
Breaches & Exposures
Canada
Data Breaches
DNS
Education
Exploit
Finance
Government
Hackers
Hacktivism
Health Care
Lawbreakers & Cybercrime
Lawsuit
Legislation
LulzSec
Malware
Mobile Devices
Patch Management
Rootkits
SC Awards 2012
Trojans
Vulnerabilities & Flaws