vulnerability
U.S. federal lab linked to Stuxnet breached
A federally funded U.S. lab that is suspected to have been involved in finding the vulnerabilities in Siemens SCADA systems used by the Stuxnet worm has shut down the Internet …
Software industry risks and SQL injection trends
With the trend of targeted cyber attacks along with the exploitation of common vulnerabilities such as SQL injection, it is clear that the core software infrastructure of …
Gaping security hole in Skype for Android
The Skype application for Android contains a flaw that allows a rogue app to access and harvest users’ personal information and things like chat logs from the device …
Microsoft patches 64 security vulnerabilities
Today Microsoft released 17 bulletins to address 64 security vulnerabilities. The bulletins address vulnerabilities in Windows, Office, Internet Explorer, Visual Studio, .NET …
Lack of admin rights mitigates most Microsoft vulnerabilities
The removal of administrator rights from Windows users is a mitigating factor in 75 percent of Critical Windows 7 vulnerabilities. Microsoft and its partners regularly …
Secunia Vulnerability Intelligence Manager 3.1 released
Secunia announced enhancements to the award-winning Secunia Vulnerability Intelligence Manager (VIM). The Secunia VIM is compliant with the vulnerability database requirements …
Multiple vulnerabilities in Moonlight
Some vulnerabilities have been reported in Moonlight, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security …
The execution of the RSA hack
More than two weeks have passed since the high profile RSA hack, and the company has finally decided to share some of the details regarding the attack. The question that is …
Multiple vulnerabilities in IBM Tivoli Directory Server
Multiple vulnerabilities have been reported in IBM Tivoli Directory Server, which can be exploited by malicious users to disclose sensitive information and by malicious people …
Vulnerabilities surge: 8,000 recorded in 2010
IBM today released results from its annual X-Force 2010 Trend and Risk Report, highlighting that public and private organizations around the world faced increasingly …
Cisco ACS unauthorized password change vulnerability
A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account …
Lifecycle model for managing unknown vulnerabilities
Codenomicon released its Unknown Vulnerability Management (UVM) Lifecycle model, a security assurance process, which focuses on unreported vulnerabilities. The UVM model helps …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege