vulnerability
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Free Android malware analysis tool
Bluebox Labs announced Dexter, a free tool to help researchers and enterprise security teams analyze applications for malware and vulnerabilities. The Dexter platform provides …
Microsoft continues to focus on security in their products
86% of vulnerabilities discovered in the most popular 50 programs in 2012 were in non-Microsoft (or “third-party”) programs. The result was published today in the …
Adobe patches Flash again, but not the flaws exploited at Pwn2Own
As promised last year, Adobe has been issuing its scheduled Flash updates on the second Tuesday of each month – the same day that Microsoft chose for its monthly Patch …
Yahoo Mail accounts still hijacked daily
Email account hijacking has been a big problem for Yahoo Mail users since the beginning of the year, as a number of vulnerabilities have been discovered, shared online and …
Static analysis tool for examining binaries
GrammaTech announced a static-analysis tool for analyzing binary libraries and executables. CodeSonar for Binaries enables users to examine software for security …
New exploit kit concentrates on Java flaws
Webroot’s Dancho Danchev is known for combing through the wilds of the Internet for places where cyber criminals congregate and reporting back with interesting news …
Oracle releases emergency patch to fix exploited Java flaw
Oracle has released an out-of-band Java patch to fix the CVE-2013-1493 vulnerability that is currently being exploited in attacks in the wild. The security alert accompanying …
Blackhole outfitted with exploit for recently patched Java flaw
The exploit for the recently patched CVE-2013-0431 Java vulnerability has been added to the Blackhole exploit kit, Trend Micro researchers report. The fact was discovered …
Safari now blocks all but latest version of Flash plugin
With all the Flash Player and Java zero-day vulnerabilities lately getting exploited in attacks, browser vendors are trying to come up with solutions to protect their users …
Google 2-step login verification flaw allows account hijacking
Duo Security researchers have found an easy way to bypass Google’s two-step login verification by capturing a user’s application-specific password. “To make …
HTC agrees to fix vulnerabilities found in millions of its devices
HTC America has agreed to settle Federal Trade Commission charges that the company failed to take reasonable steps to secure the software it developed for its smartphones and …
Featured news
Resources
Don't miss
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159)
- Account takeover detection: There’s no single tell
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance