vulnerability
Google raises bug bounty to $20,000
Google has announced that it will be updating the rules for its bug bounty program and will start handing out bigger amounts to the researchers participating in it. According …
Oracle fixes 88 security vulnerabilities
Oracle’s Critical Patch Update for April 2012 fixes 88 security vulnerabilities across the product line. The amount of fixes isn’t really a big concern; it’s …
New Mac malware uses Flashback Java exploit
Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …
Mobile devices expose company data to vulnerabilities
Mobilisafe announced results of its SMB focused study. As part of a private beta program, participants evaluated a product that assesses the security risk of mobile devices …
Apple patches critical Java flaw
Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …
Mac Trojan infects machines via unpatched Java bug
Flashback Trojan variants have been targeting Mac users since September 2011, and they have gone through a variety of changes and techniques aimed at achieving its …
Top concern? Mobile device vulnerability management
Mobile device vulnerability management is a top concern for security professionals for the next 12 to 15 months, according to Tenable Network Security. According to the study, …
How much does a 0-day vulnerability cost?
The market for exploits for zero-day vulnerabilities has exploded in the last year, says Adriel Desautels, the founder of Netragard, a penetration testing and vulnerability …
The sorry state of web-based single sign-on services
Web-based single sign-on services are becoming increasingly popular, as they offer a better and simpler user experience. But are they secure? The question was asked by team of …
A peek in the world of vulnerability sellers
As you probably already know, this year’s edition of Pwn2Own wasn’t the only hacking contest at the CanSecWest conference held earlier this month. Pwn2Own rules …
GSM cracking revelations are profound
Commenting on news reports that an Indian company has revealed it can tumble and clone the credentials of mobile phone SIM cards over the airwaves – apparently because …
Working exploit for MS12-020 RDP flaw found
The vulnerability in Microsoft’s Remote Desktop Protocol (RDP) implementation (MS12-020) – a patch for which has been released by during the last Patch Tuesday …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege