In association with heise online

Top News

Google Chrome turns version 6 on its second birthday

Google Chrome Logo On the second anniversary of the release of the first version of Chrome, Google has released version 6 of its Chrome web browser into the stable and beta channels which also closes critical holes more »

Top Feature

CSI:Internet - Matryoshka in Flash

CSI 5 To find a real iPhone video instead of the one that turned out to be a trojan yesterday, I'm entering "new iphone video" into Google. One of the top links promises an "exclusive preview"; it leads to a web page with a video - but what's going on there? This one isn't working, either! more »

IT security news and features

News & Features

2 September 2010
PS3 hack source code published

Sony Logo Source code which can be used on programmable developer boards to circumvent the Playstation 3's security systems, analogous to a PS3 Jailbreak, has been released under the name PSGroove more »

2 September 2010
Wireshark 1.4.0 drops Windows 2000 support

Wireshark Logo The Wireshark project has released version 1.4.0 of its open source, cross-platform network protocol analyser, adding and updating a number of new features and dropping support for Windows 2000 systems more »

2 September 2010
iTunes 10 addresses 13 security vulnerabilities

iTunes 10 Logo All of the holes are contained in WebKit and can be exploited to compromise systems more »

1 September 2010
Secunia's PSI 2.0 beta tackles Windows update annoyances

Secunia Logo Outdated programs make it easy for attackers to compromise a system. The newly released beta of version 2.0 of Secunia's Personal Software Inspector (PSI) not only sniffs out vulnerable software, it also updates some programs automatically more »

1 September 2010
Microsoft continues to workaround DLL vulnerability

Microsoft Logo Microsoft has released a 'fix-it' which automatically creates the registry entry required to protect against the DLL vulnerability more »

31 August 2010
Alert!Backdoor discovered in QuickTime

A forgotten parameter which has been dormant in QuickTime's ActiveX control for 9 years and is still present in the current version can reportedly be exploited to inject malicious code more »

31 August 2010
Unpatched security holes: IBM re-evaluates

Virus Teaser A report by IBM said that Google left every third critical hole unpatched in the first half of 2010. IBM have now admitted their mistake and corrected their report more »

31 August 2010
Two month breathing space for Indian BlackBerry users

BlackBerry Logo The bone of contention is the Blackberry Enterprise Service (BES) communication service for businesses. The Indian government is demanding complete access to the service, RIM is maintaining that it cannot provide this on principle. RIM has now made proposals which are to be implemented and examined more »

31 August 2010
VxWorks Cert bundles Wind River's security-critical platforms

Wind River Logo The embedded specialist combines its VxWorks DO-178B and VxWorks IEC 61508 real-time operating systems to create a new product which supports the DO-178B and IEC 61508 security standards by default more »

30 August 2010
Microsoft tool for DLL vulnerability interferes with some applications

Users wanting to use the tool to protect themselves from the DLL vulnerability in multiple applications will find their ability to use certain programs, among them Chrome, restricted more »

28 August 2010
The H Week - OpenSolaris Governance Board resigns, DLL hijacking spreads

The H Week Logo In the past week - the OpenSolaris Governance Board resigned, more Windows applications were found to be vulnerable to DLL hijacking, Ubuntu got a technical architect, Fedora 14 alpha arrived and Zurich Insurance was fined £2.28m for losing its customers' private data more »

27 August 2010
Attackers exploit DLL vulnerability in Office and other applications

Microsoft Logo According to one report, attackers are already actively exploiting an error in the way libraries are loaded in many different applications. more »

27 August 2010
Alert!VLC Media Player 1.1.4 fixes Windows DLL vulnerability

VLC Logo The VideoLAN Project developers have issued version 1.1.4 of their VLC Media Player, a maintenance and security update that addresses a DLL loading design vulnerability on Windows systems that could lead to the execution of arbitrary code more »

27 August 2010
Camino 2.0.4 addresses critical security vulnerabilities

Camino Logo The Camino Project developers have released version 2.0.4 of their open source web browser for Mac, addressing several critical security vulnerabilities in the Gecko rendering engine more »

27 August 2010
Microsoft's Security Development Lifecycle under Creative Commons License

Microsoft SDL Shield Logo Microsoft has placed its process for secure software development under a Creative Commons License. The company hopes that this will lead to more developers utilising its process for programming software more securely across the entire product lifecycle more »

26 August 2010
US Deputy Secretary of Defense confirms virus attack

US DoD seal In an article published by the Council on Foreign Relations, US Deputy Secretary of Defense William J. Lynn describes a 2008 incident that was previously rated as classified more »

26 August 2010
Number of critical, but unpatched, vulnerabilities is rising

Malware icon According to one study, more vulnerabilities were discovered in the first half of 2010 than ever before and one in two remain unpatched more »

25 August 2010
Scope of DLL security problem widens - Update

Microsoft logo The number of popular applications affected by the Windows DLL problem is on the rise. In addition to Firefox and Opera, other programs such as PowerPoint, Photoshop, VLC and uTorrent are now known to be vulnerable more »

25 August 2010
Alert!Adobe patch 18 critical holes in Shockwave Player

Shockwave logo Adobe have released Adobe Shockwave Player 11.5.8.612 to close 18 critical holes on Windows and Mac OS X systems. more »

25 August 2010
Alert!Apple releases Security Update for Mac OS X

Mac OS X logo Apple has released Security Update 2010-005 for its Leopard and Snow Leopard operating systems, closing a total of 13 vulnerabilities - eight of them rated critical more »

24 August 2010
Alert!Microsoft warns of DLL vulnerability in applications

Microsoft logo Microsoft is warning of a widespread programming error which attackers can exploit to inject malicious code into many applications more »

24 August 2010
£2.28 million fine for Zurich Insurance's data loss

Zurich Insurance Zurich Insurance's UK branch has been fined £2.27 million by the Financial Services Authority (FSA) as punishment for losing the details of 46,000 customers more »

23 August 2010
OpenSSH 5.6 arrives

OpenSSH logo The OpenSSH developers have released version 5.6/5.6p1 of their open source SSH (Secure Shell) implementation, fixing a number of bugs from the previous version and adding several new features more »

23 August 2010
Police confiscate hardware from VPN provider

Global network icon Police have searched a house in Erfurt in Germany and confiscated five computers from an administrator in the Perfect Privacy VPN network more »

23 August 2010
phpMyAdmin updates close vulnerabilities

phpMyAdmin logo The latest 3.3.5.1 and 2.11.10.1 releases of the phpMyAdmin database administration tool address one critical and several serious security vulnerabilities, including an issue that could allow unauthenticated users to execute arbitrary code more »

Got news? Let us know!






The H open source

The H Security

The H Internet Toolkit