vulnerability
RSA takes a big data approach to help with high-risk threats
RSA, The Security Division of EMC, at RSA Conference Europe 2013 unveiled RSA Vulnerability Risk Management (VRM), a new software solution designed to help organizations …
Bypassing security scanners by changing the system language
A substantial security oversight is present in a variety of penetration testing tools, and it has to do with the different languages that a computer system can be set up to …
The Internet of Things: Vulns, botnets and detection
Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and …
Digital ship pirates: Researchers crack vessel tracking system
In the maritime business, Automated Identification Systems (AIS) are a big deal. They supplement information received by the marine radar system, are used for a wide variety …
Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
The many security problems of ATMs
As much as they are useful, ATMs are also very vulnerable to tampering and attacks from individuals looking for money. eWeek reports that at the SecTor security conference …
Video: Stop making excuses, it’s time to own your high impact vulnerabilities
Most systems are insecure, not because we don’t know about or understand the vulnerability but because we fail at planning and communicating the solution to address or …
WhatsApp encryption flaw revealed, POC code published
A Dutch researcher says that the encryption solution implemented by popular cross-platform IM service WhatsApp is flawed. He claims that the company has not thought it out as …
Dangerous vBulletin exploit in the wild
vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. vBulletin is currently positioned 4th in the list of …
Microsoft hands out $128k in bug bounties
As the date of the release of the final version of Internet Explorer 11 for Windows 8 and RT draws near, Microsoft has announced that it has paid out over $28,000 to six …
Latest IE 0-day still unpatched, attacks exploiting it go back three months
While Microsoft is yet to issue a patch for the latest Internet Explorer zero-day (CVE-2013-3893), reports are coming in that the flaw has been exploited more widely and for a …
IE 0-day attack reports push ISC to raise official threat level
Over the weekend, FireEye researchers have managed to shed some light on the in-the-wild attacks leveraging the latest discovered Internet Explorer zero-day vulnerability …