vulnerability
Researcher points out critical Samsung Android phone vulnerabilities
Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the …
Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Exploration has published technical details about a Java issue that they consider to be a security vulnerability, but Oracle has …
Free Android malware analysis tool
Bluebox Labs announced Dexter, a free tool to help researchers and enterprise security teams analyze applications for malware and vulnerabilities. The Dexter platform provides …
Microsoft continues to focus on security in their products
86% of vulnerabilities discovered in the most popular 50 programs in 2012 were in non-Microsoft (or “third-party”) programs. The result was published today in the …
Adobe patches Flash again, but not the flaws exploited at Pwn2Own
As promised last year, Adobe has been issuing its scheduled Flash updates on the second Tuesday of each month – the same day that Microsoft chose for its monthly Patch …
Yahoo Mail accounts still hijacked daily
Email account hijacking has been a big problem for Yahoo Mail users since the beginning of the year, as a number of vulnerabilities have been discovered, shared online and …
Static analysis tool for examining binaries
GrammaTech announced a static-analysis tool for analyzing binary libraries and executables. CodeSonar for Binaries enables users to examine software for security …
New exploit kit concentrates on Java flaws
Webroot’s Dancho Danchev is known for combing through the wilds of the Internet for places where cyber criminals congregate and reporting back with interesting news …
Oracle releases emergency patch to fix exploited Java flaw
Oracle has released an out-of-band Java patch to fix the CVE-2013-1493 vulnerability that is currently being exploited in attacks in the wild. The security alert accompanying …
Blackhole outfitted with exploit for recently patched Java flaw
The exploit for the recently patched CVE-2013-0431 Java vulnerability has been added to the Blackhole exploit kit, Trend Micro researchers report. The fact was discovered …
Safari now blocks all but latest version of Flash plugin
With all the Flash Player and Java zero-day vulnerabilities lately getting exploited in attacks, browser vendors are trying to come up with solutions to protect their users …
Google 2-step login verification flaw allows account hijacking
Duo Security researchers have found an easy way to bypass Google’s two-step login verification by capturing a user’s application-specific password. “To make …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade