vulnerability
OpenSSL weakness can expose sensitive information
A weakness has been reported in OpenSSL, which can be exploited by malicious people to disclose potentially sensitive information, according to Secunia. The weakness is caused …
New vulnerability reporting framework
The Industry Consortium for Advancement of Security on the Internet (ICASI) published of its Common Vulnerability Reporting Framework (CVRF) Version 1.0. CVRF is an XML-based …
IBM Informix Storage Manager security bypass
A vulnerability has been reported in IBM Informix Storage Manager, which can be exploited by malicious people to bypass certain security restrictions, according to Secunia. …
Microsoft investigates the current threat landscape
Microsoft published volume 10 of the its Security Intelligence Report (SIRv10) which provides perspectives on software vulnerabilities, software vulnerability exploits, …
Automated solution for patching software vulnerabilities
A universal law enforcement axiom states that criminals prefer to trespass through vulnerable open or unlocked doors or windows. In the IT and software industries, the same …
HP Intelligent Management Center multiple vulnerabilities
Multiple vulnerabilities have been reported in HP Intelligent Management Center (IMC), which can be exploited by malicious people to compromise a vulnerable system, according …
Exponent CMS multiple vulnerabilities
Multiple vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive …
Microsoft releases two security updates
Microsoft released two security updates addressing one Critical vulnerability in Microsoft Windows and two Important vulnerabilities in Microsoft Office. MS11-035 (Windows) is …
Free browser-based security assessment
Shavlik Technologies announced a new browser-based security advisory that helps identify potential security vulnerabilities on a network. Shavlik Security Advisor scans all …
WebGL: A new dimension for browser exploitation
WebGL is a new web standard for browsers which aims to bring 3D graphics to any page on the internet. It has recently been enabled by default in Firefox 4 and Google Chrome, …
Skype for Mac message processing code execution vulnerability
Pure Hacking, a group of ethical hackers in Australia, reported directly to Skype what they believed to be a zero-day vulnerability in Skype for Mac 5.x The vulnerability in …
OpenID Attribute Exchange flaw
The OpenID Foundation has issued an alert for all sites using OpenID that don’t confirm that the information passed through Attribute Exchange – the service …
Featured news
Resources
Don't miss
- Man vs. machine: Striking the perfect balance in threat intelligence
- Misconfig Mapper: Open-source tool to uncover security misconfigurations
- Why AI deployment requires a new level of governance
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests