software
Corel DLL hijacking vulnerability could allow arbitrary command execution
Corel has developed a wide range of products including graphics, photo, video and office software. When a file associated with the Corel software is opened, the directory of …
Information Security Analytics
Authors: Mark Talabis, Robert McPherson, I. Miyamoto, Jason Martin Pages: 182 Publisher: Syngress ISBN: 0128002077 Introduction We’ve all heard about Big Data and …
Rails security scanner Brakeman 3.0.0 released
Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at …
Phish out WPA networks’ password with Wifiphisher
Greek computer geek George Chatzisofroniou has released a stable version of Wifiphisher, a tool aimed at automating phishing attacks against WPA networks in order to discover …
The hidden dangers of third party code in free apps
Research from MWR InfoSecurity has shown the various ways hackers can abuse ad networks by exploiting vulnerabilities in free mobile apps. When people install and use free …
Researcher publishes JavaScript DoS tool
Trigger-happy attackers looking for additional ways to bring websites to their knees by means of a DoS attack have been given another tool that can aid in their efforts: …
30+ bugs found in Google App Engine
Adam Gowdiak, CEO of Polish firm Security Explorations, has announced that his team of researchers have discovered over 30 serious security issues in the Java security sandbox …
Software security in a market for lemons
There is little doubt that it’s difficult to develop secure software. First, you need to be aware of the need for security, accepting it as an important element of …
Firefox 34 comes with critical security updates
Firefox 34 includes eight security updates, three of which are Critical, three High and two moderate. MSFA-2014-91 Privileged access to security wrapped protected objects …
VPN providers urged to update OpenVPN due to critical DoS bug
The OpenVPN Project has issued a new version of its popular open source software of the same name and is urging users to implement it, as it solves a critical denial of …
Intel acquires digital identity manager PasswordBox
Intel acquired PasswordBox, a provider of a cross-platform identity management service that gives users a way to log into all of their websites and applications from any …
Adobe urges users to implement critical out-of-band Flash Player update
For the second time in a month, Adobe has issued a security update for Flash Player. This out-of-band update finally fixes a critical vulnerability that could be misused by …
Featured news
Resources
Don't miss
- Identifying high-risk APIs across thousands of code repositories
- Want fewer security fires to fight? Start with threat modeling
- Build a mobile hacking rig with a Pixel and Kali NetHunter
- Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
- Connectwise is rotating code signing certificates. What happened?