Previous
MyMobiSafe.com: The World of Mobile Security Is Flat.
Blog Again the Marine Corps training comes out in me, but it doesn’t take advanced military training to figure out that mobile security is a vulnerability that we all face. That interconnectivity is wonderful for keeping in touch on the go, but it also...
[June 16, 2007, 16:55]
FBI aims to patch security holes
News To show how effective such tools can be, the SANS Institute and the FBI will point to system administrators at NASA, who used a vulnerability-focused approach to eliminate security problems with their network.
[October 1, 2002, 13:23]
Lexmark: Printers pose security threat
News Minh Tran, regional product manager for Lexmark Asia-Pacific, declined to cite any known occurrences of security breaches via the use of printers, but said companies need to make sure their printing devices — which are part of their network — are...
[August 13, 2007, 13:08]
Symantec admits to LiveUpdate security hole
News A group of German hackers have exposed a new vulnerability in Symantec's LiveUpdate 1.4, which could be used to download and run hostile code from an unauthorised server. Despite admitting to the vulnerability of its product, Symantec is refusing...
[October 11, 2001, 12:15]
Java security hole could put some servers at risk
News The vulnerability appears in versions of the Java Runtime Environment that Sun has released for servers running Windows, Linux and Sun's Solaris operating systems. The advisory stressed that, most likely, the flaw should affect only a few of the...
[February 23, 2001, 9:59]
Fresh IE flaw report probed
News The vulnerability could be exploited with specially crafted code. Microsoft is investigating the vulnerability report, a company representative said in a statement. A new flaw in Internet Explorer could be exploited to launch spoof-based attacks...
[September 29, 2005, 9:00]
Hotmail meltdown: How it happened
News There's also no evidence that the security vulnerability was a "backdoor" left in the Hotmail program to enable programmers to sneak peeks at users' mail. The Hotmail vulnerability was the equivalent of a hole in a wall big enough to drive the...
[September 2, 1999, 8:16]
Google flaw provides phishing hook
News This vulnerability affects a lot of very large websites," John Herron, a security expert who maintains the NIST.org site, said in an email. The vulnerability provides cybercrooks with a hook for phishing attacks, scams that try to trick people into...
[November 28, 2006, 8:10]
Flaw leaves work PCs and Internet cafes open
News Applications that run with system privileges but don't follow Microsoft's recommended security practices allow the vulnerability to be exploited. Because the vulnerability requires that a user on the system run the attack code, many people...
[July 14, 2003, 7:36]
MSN Messenger flaw opens back door to hard drive
News The vulnerability in MSN Messenger versions 6.0 and 6.1 could let an attacker view the contents of a victim's hard drive during a chat session with the victim. The vulnerability exists because of the way Windows Media Station Service and Windows...
[March 10, 2004, 7:20]
Juniper and Symantec team up
News Symantec will also provide Juniper with vulnerability information and security research in the near term. And in August, Microsoft added to its security expertise by hiring Vincent Gullotto, former head of McAfee's Antivirus and Vulnerability...
[September 13, 2006, 9:45]
Microsoft seeks credit for finding third-party flaws
News The Microsoft Security Response Center already reports vulnerabilities to other companies, but now it is asking for recognition in finding the vulnerability. The issue of responsible disclosure is under constant debate, with vendors often arguing...
[August 8, 2008, 8:29]
Researcher slams open-source compulsion
Talkback The Sendmail flaw was described by one security expert as "an extremely serious vulnerability" while the OpenSSH vulnerability was considered more theoretical although "it might prove to be exploitable.
[September 24, 2003, 10:52]
Help & HowTo: Slammer
News One way is to subscribe to vulnerability mailing lists such as Microsoft's security bulletin. To prevent external attacks from exploiting this vulnerability, administrators should block UDP port 1434 by downloading and applying Service Pack 3 from...
[January 27, 2003, 10:18]
Windows 7 not affected by flaw, says Microsoft
News Microsoft is investigating new public reports of a possible vulnerability in Microsoft Server Message Block (SMB) implementation," Microsoft said in the advisory. The flaw could allow an attacker to gain control of a system, although Microsoft said...
[September 9, 2009, 8:43]
Security flaw disclosures harm share prices
News The results of the study, which tracked 146 vulnerability disclosures for 18 publicly traded software companies, were presented at last week's Workshop on the Economics of Information Security at Harvard University in Massachusetts.
[June 8, 2005, 17:55]
Microsoft admits WINS flaw
News The disclosure of the WINS flaw revived an ongoing debate over how much time security companies should give software makers to patch a vulnerability before they make the flaw public. The vulnerability is in Windows Internet Name Service, or WINS, a...
[December 1, 2004, 7:35]
Microsoft's February security bulletins
News Microsoft Security Bulletin MS06-007, Vulnerability in TCP/IP Could Allow Denial of Service, addresses the IGMP v3 DoS vulnerability (CAN-2006-0021). Microsoft Security Bulletin MS06-005, Vulnerability in Windows Media Player Could Allow Remote...
[February 21, 2006, 13:30]
VMware security bug exposed on eve of VMworld
News This vulnerability provides an important wake-up call to security-concerned IT practitioners. The vulnerability could allow an attacker to create or modify executable files on the host operating system, through weaknesses in VMware's shared folders...
[February 25, 2008, 13:00]
Macromedia investigates Flash security
News The advisory suggests the software has a buffer overflow vulnerability, which gets around the program's built in security. Although the author of the alert suggests the vulnerability could be exploited to upload viruses, Trojan horses or other...
[January 4, 2001, 14:24]
