|
|
|
30
Egor Homakov, the hacker that’s famous for hacking GitHub to demonstrate a vulnerability, warns that cross-site request forgery (CSRF), a security hole that affects all browsers, must be addressed immediately because it poses a great risk for unsuspecting users.
Homakov claims that CSRF security holes are pres... |
31 March 2012
07:02 GMT |
 |
|
A grey hat hacker known as Toxic Worm provided us a proof-of-concept (POC) video to demonstrate the existence of a persistent cross-site scripting (XSS) vulnerability on the popular image hosting website ImageShack.us.
The hacker claims that he found the security hole on March 16 and reported it to ImageShack befor... |
17 March 2012
05:19 GMT |
|
|
Security researchers found a proof-of-concept (POC) vulnerability code that exploits the Remote Desktop Protocol issue patched up by Microsoft on March 13.
When the security update was made available, the Redmond company urged customers to apply the fix as soon as possible, especially since they were expecting that ... |
16 March 2012
08:28 GMT |
|
|
Georgian security expert Ucha Gobejishvili, a member of the Vulnerability Laboratory Research Team, identified a serious buffer overflow vulnerability in the latest version of the popular GOM Player. The high severity flaw can be locally and remotely exploited by an attacker who opens, or convinces the victim to ope... |
12 March 2012
04:34 GMT |
|
|
Two grey hat hacker collectives joined forces and launched an operation called Op Ivy, intended to reveal the large number of vulnerabilities present in the official websites of major universities, first ones on the list being Brown University, Columbia University, Dartmouth University, Cornell University, Harvard Un... |
23 February 2012
04:42 GMT |
|
|
Ucha Gobejishvili, also known as longrifle0x, the Georgian hacker featured in our Hackers around the world series, found a high-severity local file inclusion vulnerability in Pandora FMS 4.0.1, a powerful monitoring tool capable of monitoring networks, systems, applications and websites. The Vulnerability Lab resear... |
17 February 2012
11:09 GMT |
|
|
Vulnerability Lab researchers released a proof-of-concept video to reveal a buffer overflow issue present in Yahoo Messenger, the popular instant messaging client. The high severity security hole was identified by Manideep, also known as z3r0 erR0R, who proved that when users try to send an image file on chat rooms ... |
11 February 2012
07:13 GMT |
|
|
The systems used by financial institutions often turn out to be unsecure, exposing their customers to malicious operations. However, a security expert claims that instead of addressing these issues, many banks turn to threaten the ones that found the flaws to remove proof-of-concept (PoC) papers and videos from publi... |
9 February 2012
05:50 GMT |
|
|
Aditya Gupta, a researcher from the Vulnerability Lab released a demonstration video to prove that a remotely exploitable issue could allow a cybercriminal to post a message on Google+ on the victim’s behalf.
These types of clickjacking schemes are not uncommon and they’re mostly used in spam campaigns l... |
7 February 2012
06:28 GMT |
|
|
A researcher from IOActive Labs presents an interesting issue that affects some Windows 7 or Windows 2008 installer files which could allow an attacker to elevate his own privileges and compromise the operating system.
Cesar Cerrudo reveals that the C:\Windows\Installer\ folder contains installer file... |
19 January 2012
09:29 GMT |
|
|
Security experts show that a virus can take full control over an Internet Explorer browser and manipulate bank transactions in real-time even if the bank’s customer that’s about to perform the task relies on an OTP (one time password) device. Yash K.S., chief technology officer at Red Force Labs, release... |
18 January 2012
07:58 GMT |
|
|
Indian security researchers Aditya Modha and Samir Shah found a zero-day cross-site scripting (XSS) vulnerability in the recently released WordPress 3.3.
Modha and Shah tested the proof of concept on an Apache server, proving that by simply posting a comment on a WordPress website, an attacker can execute arbitrary ... |
3 January 2012
08:14 GMT |
|
|
After he gave HP around a month to patch up their vulnerabilities that affected some of their LaserJet printers, Ang Cui, the Columbia University researcher demonstrated his proof of concept at the 28C3 Chaos Communications Congress in Berlin, Germany.
In a one-hour demonstration, Cui explained how he managed to rev... |
3 January 2012
07:15 GMT |
|
|
Medium severity vulnerabilities are found in Kaspersky Anti-Virus and Kaspersky Internet Security 2011/2012 which can allow an attacker to crash the complete software process.
Researchers from Vulnerability Laboratory found a flaw caused by an invalid pointer corruption when processing a corrupt .cfg file through th... |
22 December 2011
09:41 GMT |
|
|
Microsoft has updated a collection of resources designed to let customers test drive free of charge a plethora of its technologies, including Windows 7. Version 2.0 of the Proof of Concept Jumpstart Kit is now available on the Microsoft Download Center, although the Redmond company has yet to announce the refresh of... |
6 May 2011
03:42 GMT |
|
|
With the first Beta for Windows 7 Service Pack 1 expected by the end of the next month, and with the full upgrade planned for delivery by the end of 2010, there’s no better time to start migration planning and piloting the operating system. Since May 2010, Microsoft has been offering a collection of resources d... |
17 June 2010
03:36 GMT |
|
|
Microsoft has continually upped the ante when it comes down to resources offered to customers to help simplify the adoption of its new products and technologies. The comprehensive series of Solution Accelerators offered over the past years is an illustrative example of this, but, earlier this month, new offerings wer... |
20 April 2010
11:21 GMT |
|
|
Microsoft and Intel are working together on a solution the two companies are advertising as the future of digital signage. The National Retail Federation (NRF) Annual Convention & Expo acted as the stage where the two companies demonstrated the Intel Intelligent Digital Sign Proof of Concept. According to the softwar... |
12 January 2010
07:28 GMT |
|
|
Microsoft has reacted rapidly to public reports of a zero-day denial-of-service vulnerability in its latest iterations of the Windows client and server operating systems, and is providing customers with guidance on how to block potential attempts to take advantage of the security flaw. In this regard, the Redmond com... |
14 November 2009
07:04 GMT |
|
|
Windows 7 might not have been affected by any of the November security bulletins released by Microsoft, but this doesn’t mean that the operating system is bulletproof. In fact, a zero-day vulnerability, impacting both the latest iteration of Windows client and server operating systems, has been documented in th... |
12 November 2009
10:09 GMT |
|
|
Whether you believe in ghosts or not is irrelevant from a browser point of view. The matter is that you'd better start believing because Microsoft's browsers allow "ghosts" to take more than a peek over your shoulder, in fact, it permits them to see and register every move associated with the browsing proce... |
2 July 2008
09:53 GMT |
|
|
|
|
Find us on Google+
