vulnerability
GnuTLS library flaw opens way for MitM attacks
A critical cryptographic bug similar to the one recently discovered in iOS and OS X has been revealed to exist in the GnuTLS code library, widely used in open source software …
300,000 routers compromised in DNS hijacking campaign
Some 300,000 confirmed – but most likely many more – small office/home office (SOHO) routers have been compromised and their DNS settings changed to use two IP …
Less risk, more reward: Managing vulnerabilities in a business context
Network security can be both an organization’s savior, and its nemesis. How often does security slow down the business? But security is something you can’t run …
Third-party programs responsible for 76% of vulnerabilities in popular software
Third-party programs are responsible for 76% of the vulnerabilities discovered in the 50 most popular programs in 2013, say the results of Secunia’s Vulnerability Review …
Tenable adds cloud management and multi-scanner support to Nessus
Tenable Network Security announced powerful cloud management capabilities will be delivered to Nessus users in a March 3rd update. Departments, teams and remote locations will …
Apple finally patches critical SSL flaw in OS X
Apple has released an update for OS X that, among other things, patches the infamous “gotofail” bug whose existence was publicly revealed last Friday. The flaw was …
Identify and fix vulnerabilities in your SSL certificates
DigiCert announced DigiCert Certificate Inspector, a tool designed to quickly find problems in certificate configuration and implementation, and provide real-time analysis of …
Free vulnerability management service for SMBs
Tripwire debuted Tripwire SecureScan, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool …
Apple fixes critical crypto bug in iOS, OS X fix to be released “soon”
On Friday, Apple announced the release a software update for its iOS mobile operating system that addresses a critical encryption flaw. A similar update has also been released …
Security vulnerabilities found in 80% of best-selling SOHO wireless routers
Tripwire has analyzed the security provided by the most popular wireless routers used in many small and home offices and found that 80 percent of Amazon’s top 25 …
Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in …
Microsoft issues Fix it for critical IE 0-day exploited in attacks
Microsoft has finally issued a security advisory addressing the IE zero-day that has been recently actively exploited in attacks in the wild, and has followed with a Fix it …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege