vulnerability
Don’t worry about zero-days, says Microsoft
Microsoft released its Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day …
163 new advanced evasion techniques discovered
Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over a number of …
Patching strategies
Cybercriminals have initiated an arms race by refining the malware manufacturing and development process to systematically bypass defense mechanisms. There are many …
Critical vulnerabilities in Adobe Photoshop Elements 8
Critical vulnerabilities exist in Adobe Photoshop Elements 8.0 and earlier versions. These two buffer overflow vulnerabilities (CVE-2011-2443) could cause a crash and …
FFmpeg multiple vulnerabilities
Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a Denial of Service and potentially compromise a user’s …
HTC Android devices allow almost any app access to private data
It’s bad news all around for users of various HTC Android smartphones, as the private data collected by the logging tools recently introduced by the company is also …
Symantec IM Manager multiple vulnerabilities
Multiple vulnerabilities have been reported in Symantec IM Manager, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to …
Browser companies react to BEAST attack
As Juliano Rizzo and Thai Duong have demonstrated on Friday, the SSL/TLS encryption used by the great majority of websites has been cracked. Their BEAST (Browser Exploit …
Barracuda IM Firewall XSS and script insertion vulnerabilities
Two vulnerabilities have been reported in Barracuda IM Firewall, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
FortiNet FortiAnalyzer XSS and script insertion vulnerabilities
Two vulnerabilities have been reported in FortiNet FortiAnalyzer, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
Android bugs allow attackers to secretly install malware
Jon Oberheide – the security researcher who has so effectively pointed out the existence of a major security bug in the Android platform nearly a year ago – has …
Pligg CMS multiple XSS vulnerabilities
Multiple vulnerabilities have been discovered in Pligg CMS, which can be exploited by malicious people to conduct cross-site scripting attacks, according to Secunia. 1. Input …
Featured news
Sponsored
Don't miss
- Ransom recovery costs reach $2.73 million
- What is cybersecurity mesh architecture (CSMA)?
- New SOHO router malware aims for cloud accounts, internal company resources
- Dropbox says attackers accessed customer and MFA info, API keys
- 2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element