WordPress Comment Rating plugin CSRF vulnerability
A vulnerability has been reported in the Comment Rating plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks, …
A vulnerability has been reported in the Comment Rating plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks, …
Core Security Technologies introduced the latest version of its automated penetration testing solution, CORE IMPACT Pro 11. CORE IMPACT Pro enables users to conduct real-world …
Secunia today announced their Security Factsheets, designed for those who are interested in understanding the historical development of advisories and vulnerabilities in …
While DNSSEC adoption percentages appear to have increased dramatically by 340 percent this year, the actual number of zones that have been signed is very small: .02 percent, …
When the people at McAfee decided to launch its own URL-shortening service (mcaf.ee), they touted it as “secure” – meaning, that it would guarantee that the …
A behavior of the Safari browser on the iPhone could be used by phishers and scammers to fool users into believing they have landed on a legitimate site, says Nitesh Dhanjani. …
ElcomSoft discovered vulnerability in Canon’s Original Data Security System, a validation system to guarantee authenticity of digital images captured with supported …
A vulnerability in the Android browser that could allow attackers to download files stored on the mobile device’s or tablet’s SD card has been discovered by …
Here’s an overview of some of last week’s most interesting news, articles and reviews: Google Apps Script API flaw allowed attacker to impersonate Google Details …
Details about a recently discovered and exploited vulnerability that allowed a 21-year-old Armenian hacker to harvest GMail addresses and send to their owners a message coming …
Bit9 unveiled its report of the top applications with reported security vulnerabilities in 2010. Google Chrome placed first on the “Dirty Dozen” list, followed by …
New, patched versions of the OpenSSL server have been released on Tuesday in order to close down a hole that could allow attackers to execute a DoS attack and remote arbitrary …