vulnerability
Flash bug allows spying of website visitors through webcam
A slight variation of a previously designed clickjacking attack that used a Adobe Flash vulnerability has once again made it possible for website administrators to …
Don’t worry about zero-days, says Microsoft
Microsoft released its Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day …
163 new advanced evasion techniques discovered
Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over a number of …
Patching strategies
Cybercriminals have initiated an arms race by refining the malware manufacturing and development process to systematically bypass defense mechanisms. There are many …
Critical vulnerabilities in Adobe Photoshop Elements 8
Critical vulnerabilities exist in Adobe Photoshop Elements 8.0 and earlier versions. These two buffer overflow vulnerabilities (CVE-2011-2443) could cause a crash and …
FFmpeg multiple vulnerabilities
Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a Denial of Service and potentially compromise a user’s …
HTC Android devices allow almost any app access to private data
It’s bad news all around for users of various HTC Android smartphones, as the private data collected by the logging tools recently introduced by the company is also …
Symantec IM Manager multiple vulnerabilities
Multiple vulnerabilities have been reported in Symantec IM Manager, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to …
Browser companies react to BEAST attack
As Juliano Rizzo and Thai Duong have demonstrated on Friday, the SSL/TLS encryption used by the great majority of websites has been cracked. Their BEAST (Browser Exploit …
Barracuda IM Firewall XSS and script insertion vulnerabilities
Two vulnerabilities have been reported in Barracuda IM Firewall, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
FortiNet FortiAnalyzer XSS and script insertion vulnerabilities
Two vulnerabilities have been reported in FortiNet FortiAnalyzer, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to …
Android bugs allow attackers to secretly install malware
Jon Oberheide – the security researcher who has so effectively pointed out the existence of a major security bug in the Android platform nearly a year ago – has …
Featured news
Resources
Don't miss
- Hackers love events. Why aren’t more CISOs paying attention?
- Before scaling GenAI, map your LLM usage and risk zones
- SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles
- Why banks’ tech-first approach leaves governance gaps
- MDEAutomator: Open-source endpoint management, incident response in MDE