vulnerability
Cisco WebEx Player WRF file processing vulnerabilities
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) player. In some cases, exploitation of the vulnerabilities could allow a remote …
Infected MyBB release package offered for download
The development team of MyBB (MyBulletinBoard), a popular PHP and MySQL-based free forum package, warned its users about the fact that its latest version available for …
Bug allows remote code execution in Chrome
In September ACROS Security notified Google about a peculiar behavior of the Chrome browser that can be exploited for execution of remote code outside Chrome sandbox under …
Flash bug allows spying of website visitors through webcam
A slight variation of a previously designed clickjacking attack that used a Adobe Flash vulnerability has once again made it possible for website administrators to …
Don’t worry about zero-days, says Microsoft
Microsoft released its Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day …
163 new advanced evasion techniques discovered
Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over a number of …
Patching strategies
Cybercriminals have initiated an arms race by refining the malware manufacturing and development process to systematically bypass defense mechanisms. There are many …
Critical vulnerabilities in Adobe Photoshop Elements 8
Critical vulnerabilities exist in Adobe Photoshop Elements 8.0 and earlier versions. These two buffer overflow vulnerabilities (CVE-2011-2443) could cause a crash and …
FFmpeg multiple vulnerabilities
Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a Denial of Service and potentially compromise a user’s …
HTC Android devices allow almost any app access to private data
It’s bad news all around for users of various HTC Android smartphones, as the private data collected by the logging tools recently introduced by the company is also …
Symantec IM Manager multiple vulnerabilities
Multiple vulnerabilities have been reported in Symantec IM Manager, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to …
Browser companies react to BEAST attack
As Juliano Rizzo and Thai Duong have demonstrated on Friday, the SSL/TLS encryption used by the great majority of websites has been cracked. Their BEAST (Browser Exploit …
Featured news
Resources
Don't miss
- Windows 10: How to get security updates for free until 2026
- XBOW’s AI reached the top ranks on HackerOne, and now it has $75M to scale up
- Why the SOC needs its “Moneyball” moment
- From posture to prioritization: The shift toward unified runtime platforms
- Why should companies or organizations convert to FIDO security keys?