vulnerability
Satellite telephony encryption cracked
Satellite telephony was thought to be secure against eavesdropping. Researchers at the Horst G?¶rtz Institute for IT-Security (HGI) at the Ruhr University Bochum (RUB) have …
PoC exploits for Linux privilege escalation bug published
The publication of proof-of-concept exploit code for a recently spotted privilege escalation flaw (CVE-2012-0056 ) in the Linux kernel has left Linux vendors scrambling to …
Symantec advises customers to stop using pcAnywhere
In a perhaps not wholly unexpected move, Symantec has advised the customers of its pcAnywhere remote control application to stop using it until patches for a slew of …
Critical flaws in Symantec’s pcAnywhere patched
After having been notified by Symantec about the theft of the software’s old source code and the increased security risk that incident entails for them, users of the …
Researchers demonstrate tragic state of SCADA security
Since the discovery of Stuxnet, we’ve been hearing from a variety of researchers about security vulnerabilities in SCADA computer systems. While some researchers such as …
McAfee closes spam-spewing hole in its anti-malware service
McAfee has patched a vulnerability in its SaaS for Total Protection hosted anti-malware service that seems to have been misused by spammers to make users’ computers spew …
Oracle patches 78 vulnerabilities
Oracle publishes Critical Patch Updates (CPUs) on a quarterly schedule. Oracle released its January edition with patches for a majority of their product line: Oracle Solaris: …
Microsoft releases seven bulletins
2012’s first Patch Tuesday has seven bulletins, including the postponed bulletin from December 2011 that addresses the BEAST style information disclosure. Talking about …
Is your online bank vulnerable to currency rounding attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in …
Exploit code for recent ASP.NET DoS flaw made public
The ASP.NET DoS flaw that has recently been revealed at the Chaos Communication Congress in Berlin has been patched by Microsoft in almost record time, but users who have not …
January 2012 Patch Tuesday preview
Microsoft is starting 2012 with a surprisingly large first release of seven security bulletins covering eight separate vulnerabilities. In contrast, in past years we usually …
MetricStream IT-GRC integrates with QualysGuard Vulnerability Management
MetricStream and Qualys announced the integration of MetricStream IT-GRC Solution with QualysGuard Vulnerability Management (VM). The joint solution provides a single robust …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege