Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
vAuthenticate multiple SQL injection vulnerabilities

Multiple vulnerabilities have been discovered in vAuthenticate, which can be exploited by malicious users and malicious people to conduct SQL injection attacks, according to …

Facebook pays bug hunters $40,000 in three weeks

The recently introduced Facebook bug bounty program has proved to be a great success, says Joe Sullivan, the company’s chief security officer. “We know and have …

Slow HTTP DoS vulnerability test tool

Slow HTTP DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP …

“Apache Killer” tool spotted in the wild

The developers behind the open source Apache Foundation issued a warning for all users of the Apache HTTPD Web Server, as an attack tool it has been made available on the …

Skype XSS vulnerability allows malicious code injection?

According to a German researcher, a XSS bug in the latest (5.5.0.113) Skype version for Windows could allow attackers to inject malicious code into users’ phone sessions …

Critical bug found in latest PHP release, users advised against updating

PHP users are advised against upgrading to the latest (5.3.7) release of the scripting language because a critical flaw has been spotted only a day before its release. The bug …

RealPlayer multiple vulnerabilities

Some vulnerabilities have been reported in RealPlayer, which can be exploited by malicious people to compromise a user’s system, according to Secunia. 1. A …

Researchers identify first flaws in the Advanced Encryption Standard

Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by …

Adobe acknowledges the 80 Flash Player bugs found by Google

Following Adobe’s latest release of patches for a number of its products, a discussion was started by Google researcher Tavis Ormandy who claimed that he himself has …

Vulnerability in TimThumb WordPress plugins: The effects

With the popularity of the WordPress blogging platform, security researchers here at Websense Security Labs are sure to sit up and take note of any reported zero-day threats …

Dropbox for Android security bypass vulnerability

A security issue has been reported in Dropbox for Android, which can be exploited by malicious people to bypass certain security restrictions, according to Tyrone Erasmus of …

The security of SAP J2EE Engine

Nowadays the SAP NetWeaver platform is the one of the most widespread platforms for developing and integrating enterprise business applications. It’s becoming a popular …

Don't miss

Cybersecurity news