vulnerability
New Microsoft 0-day vulnerability under attack
Microsoft has released security advisory KB2896666 informing of a vulnerability (CVE-2013-3906) in the TIFF graphics format that is seeing limited attacks in the Middle East …
Network IDS reduces “white noise” for more focus on critical vulns
RandomStorm has announced the latest release of its next generation network intrusion detection system (NIDS), StormProbe. StormProbe analyses all network traffic, using more …
RSA takes a big data approach to help with high-risk threats
RSA, The Security Division of EMC, at RSA Conference Europe 2013 unveiled RSA Vulnerability Risk Management (VRM), a new software solution designed to help organizations …
Bypassing security scanners by changing the system language
A substantial security oversight is present in a variety of penetration testing tools, and it has to do with the different languages that a computer system can be set up to …
The Internet of Things: Vulns, botnets and detection
Does the Internet of Things scare you? It probably should. This DerbyCon video discusses why embedded device security is laughably bad, handling vendor notification, and …
Digital ship pirates: Researchers crack vessel tracking system
In the maritime business, Automated Identification Systems (AIS) are a big deal. They supplement information received by the marine radar system, are used for a wide variety …
Solving the dilemma of vulnerability exploitation disclosure
The subject of software and hardware vulnerability disclosure has been debate time and time again, and most agree that, if possible, vulnerabilities should first be disclosed …
The many security problems of ATMs
As much as they are useful, ATMs are also very vulnerable to tampering and attacks from individuals looking for money. eWeek reports that at the SecTor security conference …
Video: Stop making excuses, it’s time to own your high impact vulnerabilities
Most systems are insecure, not because we don’t know about or understand the vulnerability but because we fail at planning and communicating the solution to address or …
WhatsApp encryption flaw revealed, POC code published
A Dutch researcher says that the encryption solution implemented by popular cross-platform IM service WhatsApp is flawed. He claims that the company has not thought it out as …
Dangerous vBulletin exploit in the wild
vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. vBulletin is currently positioned 4th in the list of …
Microsoft hands out $128k in bug bounties
As the date of the release of the final version of Internet Explorer 11 for Windows 8 and RT draws near, Microsoft has announced that it has paid out over $28,000 to six …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints