Previous
Flaw threatens major worm attack
News The X Focus program takes advantage of a hole in the Microsoft operating system that lets attackers break in remotely. A hacker group has released code designed to exploit a widespread Windows flaw, paving the way for a major worm attack, security...
[July 28, 2003, 8:55]
QuickTime, iTunes DoS exploit disclosed
News This could allow remote attackers to crash the applications (known as a denial of service) or possibly execute arbitrary code on a compromised computer. On Thursday, a serious new flaw was disclosed that affects the latest versions of Apple's...
[September 19, 2008, 11:16]
Security experts lift lid on Chinese hack attacks
News From the Redstone Arsenal, home to the Army Aviation and Missile Command, the attackers grabbed specs for the aviation mission-planning system for Army helicopters, as well as Falconview 3.2, the flight-planning software used by the Army and Air...
[November 23, 2005, 16:05]
New Bagle opens another spam backdoor
News The mass-mailing computer virus, dubbed Bagle.AF or Beagle.AB by different security firms, opens a path for intruders to relay bulk email messages through the infected computer and attempts to contact one of almost 150 compromised German Web sites...
[July 16, 2004, 8:35]
Firefox and Thunderbird updated
News Mozilla's website lists security-related fixes for Firefox, including a bug showing evidence of memory corruption, and other holes that could be exploited by malicious attackers. The Mozilla Corporation on Friday issued small updates for its...
[September 19, 2006, 10:10]
Microsoft patches ten IIS vulnerabilities
News Some of the vulnerabilities are buffer overruns that can allow attackers to run arbitrary code on the server or to open the servers to host, or be the target of, denial of service attacks. If you have a Web server running IIS on Windows NT 4.0 or...
[April 29, 2002, 13:39]
Skype update hangs up on hackers
News The bug could be exploited by attackers "to bypass certain security restrictions and potentially disclose certain sensitive information," Secunia said in an advisory. Skype has updated its popular Internet telephony software to fix a security bug...
[May 22, 2006, 10:10]
Defend against patch-based exploits, warns Sans
News The paper recommended that software patches be distributed in encrypted form, to reduce the amount of time attackers have to reverse-engineer the patch. Security training organisation the Sans Institute claims centralised patch management can be...
[May 6, 2008, 16:51]
Browsers beware: new holes in IE and Flash
News And Macromedia Flash has two new vulnerabilities, the worst of which can allow attackers to run arbitrary code on computers with the Flash player installed. Web browsing just got a lot more dangerous with the discovery of several new software flaws.
[August 27, 2002, 12:24]
Rupert Goodwins' Diary
Blog This is shorthand for a cross between a Webcrawling robot - the monkey - and a system designed to be attractive to attackers, the honeypot. Tuesday 9/8/2005 This monkey's gone to heaven. Thus sang the Pixies, so beloved of the aggressively fey the...
[August 12, 2005, 18:40]
New attack technique puts Oracle in crosshairs
News It is a trick that can be used by attackers with minimal privileges to gain complete control of the database server," Litchfield said in an interview. A new attack technique increases the risk of commonly found bugs in Oracle's database software, a...
[March 2, 2007, 8:02]
Forum launches firewall with XML defences
News Virus attackers are looking for other ways of getting into the organization. Web services security specialist Forum Systems has teamed up with Computer Associates to create an antivirus device to protect XML applications, an area expected to see a...
[April 25, 2005, 9:50]
Microsoft won't patch against pop-up phishing
News Although the pop-ups could be used by attackers, overlaying multiple windows in a Web browser is a feature, not a vulnerability, according to an advisory posted on Tuesday on Microsoft's TechNet Web site.
[June 24, 2005, 9:55]
Hacker helps Excite@Home toughen defences
News Lamo contacted the company nearly two months ago after he discovered a server that could be used by would-be attackers to get into portions of the Excite@Home corporate network. Not all hackers are bad -- just ask Excite@Home.
[May 30, 2001, 10:48]
'Storm Worm' sweeps the globe
News A botnet serves as an army of commandeered computers, which are later used by attackers without their owners' knowledge. "Storm Worm", one of the larger Trojan horse attacks in recent years, is baiting people with timely information about a deadly...
[January 22, 2007, 7:32]
Kerberos flaw opens apps to attack
News The university also made available patches to fix the problems and stated that exploitation of the bugs by attackers "is believed to be difficult". Two serious security flaws in a technology widely used for network authentication could expose a...
[July 14, 2005, 8:45]
Microsoft besieged by zero-day attacks
News This issue can allow remote attackers to execute arbitrary code on a vulnerable computer," Symantec said in an alert sent to customers. Microsoft issued a rare, out-of-cycle Windows patch on Tuesday that fixed one flaw, but attacks through other...
[September 28, 2006, 9:20]
Apple issues critical fixes
News Several vulnerabilities that would allow attackers to cause a buffer overflows have been identified and fixed by Apple. Apple has patched a number of security holes in its Panther and Tiger flavours of Mac OS X in its latest security update...
[August 16, 2005, 15:00]
Experts: Web attacks not over yet
News It takes only limited technical expertise, has software tools to help attackers and can be very hard to stop. Even as two more major Web sites suffered outages, security experts issued a chilling warning: The attacks could continue into Thursday.
[February 10, 2000, 8:45]
Adobe issues updates to plug PDF hole
News The attackers could then take the compromised system and read and delete files, execute programs and forward information from the computer. Adobe Systems has issued updates to fix security flaws in its Reader and Acrobat software that could allow...
[January 11, 2007, 8:12]
