vulnerability
CORE IMPACT Pro 11 now detects and exploits network router vulnerabilities
Core Security Technologies introduced the latest version of its automated penetration testing solution, CORE IMPACT Pro 11. CORE IMPACT Pro enables users to conduct real-world …
Security Factsheets: A new look at vulnerability data
Secunia today announced their Security Factsheets, designed for those who are interested in understanding the historical development of advisories and vulnerabilities in …
Most businesses vulnerable to cache poisoning attacks
While DNSSEC adoption percentages appear to have increased dramatically by 340 percent this year, the actual number of zones that have been signed is very small: .02 percent, …
McAfee’s Secure Short URL Service not so secure
When the people at McAfee decided to launch its own URL-shortening service (mcaf.ee), they touted it as “secure” – meaning, that it would guarantee that the …
Behavior of Safari on the iPhone could benefit scammers
A behavior of the Safari browser on the iPhone could be used by phishers and scammers to fool users into believing they have landed on a legitimate site, says Nitesh Dhanjani. …
Canon image originality verification proven useless
ElcomSoft discovered vulnerability in Canon’s Original Data Security System, a validation system to guarantee authenticity of digital images captured with supported …
Android browser flaw allows attackers to access user data
A vulnerability in the Android browser that could allow attackers to download files stored on the mobile device’s or tablet’s SD card has been discovered by …
Week in review: Online shopping safety, malware hybrids and Packet Wars
Here’s an overview of some of last week’s most interesting news, articles and reviews: Google Apps Script API flaw allowed attacker to impersonate Google Details …
Google Apps Script API flaw allowed attacker to impersonate Google
Details about a recently discovered and exploited vulnerability that allowed a 21-year-old Armenian hacker to harvest GMail addresses and send to their owners a message coming …
Google Chrome tops “Dirty Dozen” apps list
Bit9 unveiled its report of the top applications with reported security vulnerabilities in 2010. Google Chrome placed first on the “Dirty Dozen” list, followed by …
OpenSSL remote code execution patched
New, patched versions of the OpenSSL server have been released on Tuesday in order to close down a hole that could allow attackers to execute a DoS attack and remote arbitrary …
Proof-of-concept Android app reveals platform’s security bug
Angry Birds is an extremely popular mobile game that can be played on Apple, Android and Nokia mobile devices – indeed, it has been downloaded by millions of users. So, …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege