vulnerability
Majority of web apps vulnerable to most frequent exploits
84 percent of web applications from public companies were deemed unacceptable when measured against the OWASP Top 10 most frequently exploited web application vulnerabilities, …
Google raises bug bounty to $20,000
Google has announced that it will be updating the rules for its bug bounty program and will start handing out bigger amounts to the researchers participating in it. According …
Oracle fixes 88 security vulnerabilities
Oracle’s Critical Patch Update for April 2012 fixes 88 security vulnerabilities across the product line. The amount of fixes isn’t really a big concern; it’s …
New Mac malware uses Flashback Java exploit
Apple’s decision to push out a Flashback malware removal tool for OS X Lion bundled with a new Java security update has proven to be rather fortunate, as a new Mac OS X …
Mobile devices expose company data to vulnerabilities
Mobilisafe announced results of its SMB focused study. As part of a private beta program, participants evaluated a product that assesses the security risk of mobile devices …
Apple patches critical Java flaw
Apple released a critical update for the Java implementation on Mac OS X, for both Lion and Snow Leopard. This update comes almost two months after the release of the …
Mac Trojan infects machines via unpatched Java bug
Flashback Trojan variants have been targeting Mac users since September 2011, and they have gone through a variety of changes and techniques aimed at achieving its …
Top concern? Mobile device vulnerability management
Mobile device vulnerability management is a top concern for security professionals for the next 12 to 15 months, according to Tenable Network Security. According to the study, …
How much does a 0-day vulnerability cost?
The market for exploits for zero-day vulnerabilities has exploded in the last year, says Adriel Desautels, the founder of Netragard, a penetration testing and vulnerability …
The sorry state of web-based single sign-on services
Web-based single sign-on services are becoming increasingly popular, as they offer a better and simpler user experience. But are they secure? The question was asked by team of …
A peek in the world of vulnerability sellers
As you probably already know, this year’s edition of Pwn2Own wasn’t the only hacking contest at the CanSecWest conference held earlier this month. Pwn2Own rules …
GSM cracking revelations are profound
Commenting on news reports that an Indian company has revealed it can tumble and clone the credentials of mobile phone SIM cards over the airwaves – apparently because …
Featured news
Resources
Don't miss
- Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
- TikTok videos + ClickFix tactic = Malware infection
- DanaBot botnet disrupted, QakBot leader indicted
- Is privacy becoming a luxury? A candid look at consumer data use
- Unpatched Windows Server vulnerability allows full domain compromise