Vulnerabilities & Flaws

Yahoo rushes to fix Axis browser certificate leak in Chrome

May 24, 2012

Barely a day old, Yahoo's new Axis browser already is facing its first security issue, after source code for its Chrome add-on contained the private key used to sign it.
 

Exploits greeting users at foreign policy, human rights sites

May 15, 2012

A host of websites, including the U.S.-based Center for Defense Information, have been compromised with malicious code in order to target and infect visitors.
 

Apple releases Safari, OS X fixes

May 11, 2012

Apple and Adobe this week released patches for vulnerabilities that could enable attackers to execute malicious code.
 

Microsoft hands out more Duqu fixes despite prior patch

May 08, 2012

Just when you thought all of the windows that control system recon trojan Duqu used to propagate had been roped off, the software giant releases a new set of fixes.
 

Why aren't customers dropping Oracle?

Josh Shaul, CTO, Application Security Inc. May 04, 2012

In light of a controversial zero-day flaw that was never patched, customers should pressure database giant Oracle into being more dependable, transparent and timely when it comes to fixing security problems.
 

Twenty-three Microsoft fixes set for Patch Tuesday

May 04, 2012

Microsoft on Tuesday plans to dispense seven patches to correct 23 security vulnerabilities.
 

Flash flaw being used to deliver email based attacks

May 04, 2012

Adobe on Friday issued an emergency patch for a critical bug in its Flash Player software that is being used in targeted malware attacks.
 

Chinese firewall maker booted from Microsoft sharing program

May 03, 2012

The leak of details regarding a major Windows bug, which resulted in the removal of DPTech Technologies as a trusted Microsoft partner, calls into question how impervious a vulnerability sharing program can be.
 

Oracle lists workarounds following zero-day disclosure

May 01, 2012

Oracle on Monday urged customers to apply a number of technical measures so organizations can avoid falling victim to a zero-day vulnerability for which proof-of-concept code has been posted.
 

Researcher confused over handling of Oracle database bug

April 26, 2012

A security researcher who reported a vulnerability in the popular Oracle database product said Thursday that his discovery was never patched and remains wide open to attack.
 

Google to offer up to 20K prize for bug finds

April 25, 2012

Google has significantly increased its finder's fee for vulnerability researchers.
 

WordPress gets updated for security issues

April 23, 2012

WordPress installations received a security upgrade on Friday to patch a number of vulnerabilities.
 

Bounties keep reported bug count low, but severity high

April 18, 2012

Researchers are focusing on higher-risk vulnerabilities more than ever thanks to an increased interest in selling their finds to legitimate buyers.
 

Third Apple Java update rids infections and turns off Java

April 13, 2012

Apple has released a third update related to Flashback, but this time, the patch comes with a detection and removal capability for the prolific trojan, and disables Java by default.
 

Oracle to issue quarterly patches next week

April 13, 2012

Oracle next week will release 88 new security vulnerability fixes across hundreds of its products.
 

Microsoft patches 11 security issues, attacks underway

April 10, 2012

Administrators better hurry to patch at least one vulnerability, in Windows Common Controls, that is being used in limited but targeted exploits.
 

Apple is the richest company in the world, but it's not very good at dealing with malware

April 06, 2012

It's time for Apple to step up its game when it comes to dealing with security threats.
 

Microsoft to sew up 11 security vulnerabilities next week

April 05, 2012

Get ready, IT administrators: Scheduled patches from Microsoft -- and Adobe -- are set to arrive on Tuesday.
 

Apple updates Java after malware spreads

April 03, 2012

Enterprise users of Java for the Mac OS X should ensure their machines are updated with the latest security patch from Apple, released Tuesday.
 

"Flashback" trojan targets Mac computers

April 02, 2012

A live exploit is making the rounds that takes advantage of a bug in Java, which has already been patched, but hasn't yet made its way to Mac OS X users.
 

Trojan targets Tibetan activist groups that use Macs

March 30, 2012

Researchers have uncovered a rare instance of so-called espionage malware for the Mac OS X platform.
 

Adobe patches Flash, includes automatic update option

March 28, 2012

Adobe on Wednesday released an update for its Flash Player, which includes a capability for users to receive future updates automatically.
 

RockYou to pay FTC $250K after breach of 32M passwords

March 27, 2012

The FTC seemed most upset with RockYou's failure to protect the personal information of 179,000 children who registered to use the site.
 

Exploit for gaping Microsoft RDP hole may have gotten help

March 16, 2012

A proof-of-concept that has emerged and takes advantage of a very serious Windows vulnerability may have been the result of a leak, said the researcher who first discovered the bug.
 

Wormable Microsoft RDP flaw appears closer to exploit

March 15, 2012

The race appears to be on to develop a working exploit for a serious Windows vulnerability patched earlier this week by Microsoft.
 

Flaw in Microsoft tool that enables remote connect is patched

March 13, 2012

A severe vulnerability in the Remote Desktop Protocol, which was patched by Microsoft on Tuesday along with six other bugs, affects all versions of Windows and could result in a worm.
 

Porn site Digital Playground hacked to expose card numbers

March 09, 2012

Online hackers have compromised two adult websites, including the very popular YouPorn, in recent weeks, apparently to highlight weak security.
 

Microsoft to patch seven security issues with six bulletins

March 08, 2012

Microsoft next week plans to release six patches, including one for a "critical" vulnerability affecting all supported versions of the software giant's operating system.
 

Russian works around sandbox to pull off Chrome exploit

March 08, 2012

One of the most prolific Chrome researchers has netted Google's top prize in its inaugural Pwnium competition. Google promptly patched the bug.
 

Purported Iran nuke document contains trojan

March 05, 2012

The malicious file spreads thanks to a vulnerability in the popular Adobe Flash software.