New Mac malware uses Flashback Java exploit
Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …
vulnerability
Mobile devices expose company data to vulnerabilities
Mobilisafe announced results of its SMB focused study. As part of a private beta program, participants evaluated a product that assesses the security risk of mobile devices …
Apple patches critical Java flaw
Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …
Mac Trojan infects machines via unpatched Java bug
Flashback Trojan variants have been targeting Mac users since September 2011, and they have gone through a variety of changes and techniques aimed at achieving its …
Top concern? Mobile device vulnerability management
Mobile device vulnerability management is a top concern for security professionals for the next 12 to 15 months, according to Tenable Network Security. According to the study, …
How much does a 0-day vulnerability cost?
The market for exploits for zero-day vulnerabilities has exploded in the last year, says Adriel Desautels, the founder of Netragard, a penetration testing and vulnerability …
The sorry state of web-based single sign-on services
Web-based single sign-on services are becoming increasingly popular, as they offer a better and simpler user experience. But are they secure? The question was asked by team of …
A peek in the world of vulnerability sellers
As you probably already know, this year’s edition of Pwn2Own wasn’t the only hacking contest at the CanSecWest conference held earlier this month. Pwn2Own rules …
GSM cracking revelations are profound
Commenting on news reports that an Indian company has revealed it can tumble and clone the credentials of mobile phone SIM cards over the airwaves – apparently because …
Working exploit for MS12-020 RDP flaw found
The vulnerability in Microsoft’s Remote Desktop Protocol (RDP) implementation (MS12-020) – a patch for which has been released by during the last Patch Tuesday …
A decade of vulnerabilities and predictions for 2012
Since 2001, Spanish security firm S21sec has been been compiling a database of vulnerabilities detected by themselves and those reported by a great number of sources which …
Microsoft adds new protection mechanisms to IE 10
At the CanSecWest conference held last week in Vancouver, a team of vulnerability researchers from French security firm VUPEN has managed to hack Microsoft’s Internet …