|
Home / News / Tags / vulnerabilities
|
|
Stories about: vulnerabilities |
|
|
The vulnerability in question is rated as highly critical, ranking in at 10.0 on the CVSS (Common Vulnerability Scoring System), and it is the first time since 2005 that Oracle breaks the quarterly update release cycle to address a security issue. The Apache plugin for Oracle WebLogic (you might know it under its for... |
29 July 2008
08:50 GMT |
 |
|
The four vulnerabilities that have been deemed as highly critical refer to the fact that an attacker, from a remote location, could get access to the user's sensitive information. RealNetworks has issued a fix at the end of last week, and all RealPlayer users are well advised to update and patch their vulnerable... |
28 July 2008
06:07 GMT |
|
|
For the past week or so, Dan Kaminsky and the DNS (Domain Name System) flaw that he discovered have made the headlights of numerous online publications. Although specific, technical details about the flaw have yet to be disclosed, the IT industry assures us that the 8th of July patch has solved the problem. Founder ... |
18 July 2008
05:09 GMT |
|
|
Kris Kaspersky, software engineering expert, security consultant and technical writer, will demonstrate at the upcoming HITB (Hack in the Box) Security Conference how an attacker can use JavaScript and TCP/IP packets to remotely exploit a flaw in the Intel processor. The conference will be held in Malaysia over a pe... |
14 July 2008
09:25 GMT |
|
|
BSD is short for Berkeley Software Distribution, and Open BSD, as the name suggests, is an open-source operating system, very similar to Unix. The flaw was discovered by Otto Moerbeek who works as an OpenBSD developer, and it seems to be dating from 1975. This is not the first time that researchers come across such ... |
10 July 2008
11:49 GMT |
|
|
A short while back we were reporting on a DNS flaw discovered by Dan Kaminsky, and which has since then been patched by the industry. The thing is that after unveiling this vulnerability, he met with industry representatives from the 16 major IT companies that manufacture DNS software and shed some light on the situ... |
10 July 2008
11:08 GMT |
|
|
Google, IBM and The Swiss Federal Institute of Technology do not take this lightly, unlike hundreds of millions of users out there. According to a study conducted by five researchers from the above mentioned companies, only 59% of PC users take the time to update and patch their browser. The remaining some 40% or abo... |
2 July 2008
04:51 GMT |
|
|
Ever wanted to know what vulnerabilities sites have? What can be exploited and how efficient it will be? Well, WhiteHat Security has released a security statistics report on their website for everyone to see. It's pretty insightful and if you are just a little bit tech-savvy I don't think you'll have a... |
11 October 2007
06:11 GMT |
|
|
Microsoft has acknowledged that they have vulnerabilities in their programs and are making users aware of this, at the same time issuing patches. The vulnerabilities, should they remain unattended, could be exploited by malicious users to cause serious problems. It is important that you patch up the holes and stay se... |
10 October 2007
08:39 GMT |
|
|
Like I've always said - enforcing cyber-security is no easy task, but things are way more difficult than they seem. Why? Well, if you work as an IT manager, then you know that no matter how hard you strive to make a network safe, there will still be a bastard out there that will screw things up for you! But the ... |
10 October 2007
06:03 GMT |
|
|
Adobe products are very popular and if they're found with flaws, it means that a lot of machines are vulnerable. And if the recent Adobe-related bad news wasn't enough, other two vulnerabilities have been disclosed in Adobe Illustrator CS3. The flaws are related to PNG/BMP file processing, and let me tell y... |
10 October 2007
05:35 GMT |
|
|
I wrote a hot material a couple of weeks ago, about the fact that Petko D. Petkov of GNUcitizen had discovered serious vulnerabilities caused by opening PDF files. Hackers exploiting those could have screwed up (for good) the Windows box. He didn't give us the proof of concept, in fear hackers will use it and th... |
9 October 2007
04:47 GMT |
|
|
Security experts are always trying to make other people see that their systems are vulnerable, fact which means they need improvement! This is just another one of those cases - white hatters at ProCheckUp have given a proof of concept in an earlier paper on how easy it is to make a total mockery of Axis 2100 IP camer... |
8 October 2007
10:35 GMT |
|
|
Researchers have disclosed multiple vulnerabilities in the Sun Java JRE. These could have been exploited by malicious users to wreak havoc on one's machine; fortunately, they've already been patched. The flaws would affect Windows, Solaris and Linux users. They have been dubbed "highly critical" by Secunia ... |
5 October 2007
04:50 GMT |
|
|
Several products from VMWare have been disclosed with flaws that could cause some nasty consequences if exploited by malicious users. The affected products are VMWare ESX Server, VMWare ACE, VMWare Player, VMWare Server and VMWare Workstation. I will name the versions as well, later on, when I explain the vulnerabili... |
20 September 2007
13:36 GMT |
|
|
I've seen many people that blog about security saying that this aspect in their country has got to be the worst. Well, that's not true, unless you live in the Asia Pacific zone. This area comprises Australia, Brunei, Cambodia, People's Republic of China, Fiji, Guam, Indonesia, Kiribati, North Korea, So... |
19 September 2007
06:48 GMT |
|
|
I think that this is all that hackers have been waiting for. Widgets are pretty popular and people like them (I consider this type of applications useful myself), so the disclosure of vulnerabilities in this type of software means that hackers will have a lot of opportunities to be successful in their deeds. But this... |
18 September 2007
09:32 GMT |
|
|
I've just seen a chart of the top 10 vulnerable vendors for the first half of 2007. Guess who's number one! Yep, it's good old Microsoft, but I guess that is no surprise to you is it? And ranking last in the top 10 was Linux kernel. In this chart, it's a good thing to rank as number 10, since this... |
18 September 2007
05:10 GMT |
|
|
Icepack has just been updated. It seems that the ones who built it do not slack for a second. The moment Windows got a new feature or update, the hackers discovered the vulnerability and designed a tool to attack it. This is called exploiting a zero-day vulnerability. Damn, these guys are fast! It's not the fact... |
12 September 2007
06:18 GMT |
|
|
Have you noticed how security experts and companies strive to enforce the DRM, but with no notable success? They brag about new DRM modules and their strengths and the next day, a pirate hacks it and steals movies, mp3 and anything he likes, as if these weren't even protected. A lot of money has been spent on me... |
11 September 2007
05:13 GMT |
|
|
Hackers are always probing the net to see which users are vulnerable and which sites have flaws that they can exploit. Of course, it's a good thing to deploy security measures on your website, but it's imperative to use them if you are the army. You can't just play around like that, I mean, represent t... |
10 September 2007
03:59 GMT |
|
|
You know it - the Web has changed a lot. Many things have occurred since the ARPAnet first appeared and now we have Web 2.0. And as always, more features means more vulnerabilities which equals more/worse threats. The landscape has changed a lot and so has hacker mentality. Also, viruses have become worse and now, th... |
7 September 2007
16:21 GMT |
|
|
You may think embassies, playing such an important role in relationships between countries, would have tight security measures installed. To be honest, I thought so myself, but apparently I was wrong. The information that leaked from the embassies is rather crucial, because it can seriously compromise the relations b... |
31 August 2007
05:52 GMT |
|
|
This is a site where security researchers auction their most recent disclosures. Is this right? Sure, it's great that these guys are finally getting some dough for all their work, but what if these flaws are bought out by hackers that will never disclose them to the original program/site creators? I don't t... |
24 August 2007
09:04 GMT |
|
|
This software has been disclosed to have a couple of vulnerabilities that, if exploited by malicious users, could cause Denial of Service. The DoS attack is an attempt to make a computer resource unavailable to a certain user. It is generally used to prevent an Internet site or service from functioning efficiently or... |
22 August 2007
11:18 GMT |
|
|
It took Microsoft more than three months to come up with a patch for the Windows Animated Cursor Handling critical vulnerability but not until the flaw began being exploited in the wild. On the first day of April, Microsoft Security Response Center revealed that the company would make available an out of band securit... |
2 April 2007
02:50 GMT |
|
|
Microsoft has issued a public warning related to a new zero-day vulnerability targeting Windows .ani files that impacts all versions of the Windows platform including Vista. The zero-day vulnerability in Microsoft Windows Animated cursor handling is currently being actively exploited; but the Microsoft Security respo... |
30 March 2007
02:44 GMT |
|
|
|
|
