Zero-day Adobe Reader flaw exploited in ongoing attacks
Adobe has issued a security advisory notifying users about a newly discovered and still unpatched vulnerability in Adobe Reader and Adobe Acrobat which has been spotted being …
vulnerability
Yahoo Messenger bug allows status message hijacking
Yahoo Messenger users are in danger of getting their status messages changed without their consent and finding themselves inadvertently peddling malware. The zero-day exploit …
Schneider electric products multiple vulnerabilities
Multiple vulnerabilities have been reported in multiple Schneider Electric products, which can be exploited by malicious people to conduct cross-site scripting attacks, …
Apache reverse proxy flaw opens door to internal networks
Apache has confirmed the existence of a new reverse proxy vulnerability after it was discovered by Prutha Parikh, a security researcher with Qualys, while she was creating a …
Is the Firefox 10 silent update feature a good thing?
Mozilla is planning to implement silent background updates in the upcoming version of Firefox 10, which could be very bad news on the security front, according to Philip …
Another U.S. SCADA system compromised thanks to lousy security
After the news about a water utility company in Springfield, Illinois suffering a hack attack that ended in the destruction of a water pump broke on Friday, the U.S. …
The most vulnerable smartphones
Bit9 highlighted the most vulnerable popular smartphones in use today. The devices on the list pose the most serious security and privacy risk to consumers and corporations. …
Joomla! security bypass weakness and XSS vulnerability
A weakness and a vulnerability have been reported in Joomla!, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site …
Apple OS X sandbox hole allows bypassing of restrictions
Following Apple’s announcement that all applications submitted for inclusion in the App Store will have to have sandboxing implemented starting from March 1, 2012, …
New fuzzing platform from Codenomicon
Codenomicon released Defensics X, the latest version of their security and robustness testing software. The update introduces better coverage through infinite test case …
Adobe patches Shockwave Player
Critical vulnerabilities have been identified in Adobe Shockwave Player 11.6.1.629 and earlier versions on the Windows and Macintosh operating systems. These vulnerabilities …
Light Patch Tuesday features four bulletins
For the November Patch Tuesday, Microsoft released four bulletins that fix vulnerabilities targeting Windows. One is marked as critical, two are important, and the last one is …