Previous
Attacker attempts to plant Trojan in Linux
News An intruder apparently compromised one server earlier, and the attacker used his access to make a small change to one of the source code files, McVoy said. A critical security flaw was found in CVS in January, but it's unknown whether the attacker...
[November 7, 2003, 7:39]
Debian attacker may have used new exploit
News Initial investigations of the security breach, which occurred on 19 November, indicate that the attacker was able to gain full control of Debian servers after logging on via unprivileged accounts, known as privilege escalation, according to James...
[November 28, 2003, 14:05]
The Attacker Within: How Hackers Are Targeting Enterprise Networks From the Inside-Out
White Papers Convincing a trusting employee to visit a website is all that an attacker needs to do in order to access valuable data deep within a secure network. As enterprise defenses evolve, so too do the attack vectors leveraged by those seeking to bypass...
[October 6, 2009, 0:00]
Debian attacker may have used new exploit
Talkback > The exploit was carried out on Debian software running on Intel-based hardware, while a system using Sun hardware was not affected, leading some to guess that Sun software is not affected by the possible exploit.
[December 2, 2003, 12:28]
Alleged CastleCops attacker charged
News A man has been arrested and charged with launching denial-of-service attacks against two organisations, one of which was voluntary security community CastleCops. Greg King was arrested on Monday morning following an extensive investigation by the...
[October 4, 2007, 17:39]
Microsoft patches four critical IE, Exchange holes
News Microsoft on Tuesday released security updates that fix four critical vulnerabilities in Internet Explorer and Exchange Server that could allow an attacker to take control of an affected computer remotely.
[February 11, 2009, 10:12]
Check Point warns firewall can be breached
News Two flaws in Check Point Software's flagship firewall software could allow an attacker to crash or compromise its firewall products, the company said on Wednesday. If [an attacker] can control all the data going in and out -- really, the game is...
[February 5, 2004, 7:30]
Bluetooth phones at risk from 'snarfing'
News A security flaw has been discovered in Bluetooth that lets an attacker download all contact details along with other information from a vulnerable phone, while leaving no trace of the attack. Unlike bluejacking, which is where users can send a...
[February 9, 2004, 13:15]
Microsoft rushes to fix Outlook flaw
News A vulnerability exists in Microsoft's Outlook software that could enable an attacker to easily gain control of a user's mailbox and run code or delete files. The View Control is only supposed to allow users to view messages or calendar entries, but...
[July 18, 2001, 15:59]
Netcraft warns of phishing flaw on Yahoo HotJobs
News Yahoo's HotJobs site is vulnerable to a phishing-based attack that can give an attacker access to a Yahoo member's mail and other personal accounts, UK network service firm Netcraft said on Monday, and someone has been taking advantage of it.
[October 28, 2008, 7:23]
Kaspersky flaw 'opens back door'
News A "critical" flaw in Kaspersky Lab's antivirus software could let an attacker commandeer systems that use the products, a security researcher warned on Monday. A remote attacker could exploit the heap overflow flaw by sending a malformed CAB file...
[October 4, 2005, 9:55]
Critical Adobe Reader hole discovered
News A critical security hole in Adobe Reader could allow an attacker to take control of a computer, according to Core Security Technologies. An attacker could put malicious code in JavaScript embedded in a PDF and spread that via a website or email.
[November 4, 2008, 15:59]
Bug leaves Windows open to Java attack
News Microsoft has warned of three new flaws affecting its software, the most serious of which would allow an attacker to gain full control of a user's PC using a Java applet. A VM component called the ByteCode Verifier does not correctly check for the...
[April 10, 2003, 11:30]
Winamp bug opens door to MP3 viruses
News A glitch with the popular Winamp software for playing digital music files could allow an attacker to embed malicious code into an MP3 file, potentially damaging the user's PC and infecting other MP3s.
[April 30, 2002, 13:59]
Nokia admits multiple Bluetooth security holes
News Nokia has admitted that some of its Bluetooth-enabled mobile phones are vulnerable to "bluesnarfing", which is where an attacker could read, modify and copy a phone's address book and calendar without leaving any trace of the intrusion.
[February 9, 2004, 16:50]
FrontPage flaw puts servers in jeopardy
News Microsoft warned Web site administrators on Wednesday that a flaw in its FrontPage extensions could allow an attacker to take control of their servers or cause the computers to seize up. For FrontPage Server Extensions 2002, the flaw could result...
[September 26, 2002, 7:43]
ICQ flaws open PCs to attack
News Two serious flaws in America Online's ICQ software could allow an online attacker to take control of a person's PC, a Boston security firm warned in an advisory released on Monday. While the company found a total of six flaws, it said only two have...
[May 6, 2003, 7:21]
Researchers take control of iPhone via SMS
News An attacker could exploit the hole to make calls, steal data, send text messages, and do more or less anything a person can do on their iPhone, researchers Charlie Miller and Collin Mulliner told ZDNet UK's sister site CNET News.com at the Black...
[July 30, 2009, 11:11]
Wi-Fi attack on laptop demoed
News Flaws in the software that runs wireless-networking hardware could let an attacker break into a PC over Wi-Fi, security researchers warned Wednesday. An attacker could gain complete control over a laptop by sending malformed network traffic to a...
[August 3, 2006, 9:15]
Trojan exploiting unpatched Office flaw found in the wild
News A new Trojan horse exploits an unpatched flaw in Microsoft Office and could let an attacker commandeer vulnerable computers, security experts have warned. When run on a vulnerable system, it would give a remote attacker full access to a compromised...
[October 3, 2005, 8:55]
