News & Features
Source code which can be used on programmable developer boards to circumvent the Playstation 3's security systems, analogous to a PS3 Jailbreak, has been released under the name PSGroove
more »
The Wireshark project has released version 1.4.0 of its open source, cross-platform network protocol analyser, adding and updating a number of new features and dropping support for Windows 2000 systems
more »
All of the holes are contained in WebKit and can be exploited to compromise systems
more »
Outdated programs make it easy for attackers to compromise a system. The newly released beta of version 2.0 of Secunia's Personal Software Inspector (PSI) not only sniffs out vulnerable software, it also updates some programs automatically
more »
Microsoft has released a 'fix-it' which automatically creates the registry entry required to protect against the DLL vulnerability
more »
A forgotten parameter which has been dormant in QuickTime's ActiveX control for 9 years and is still present in the current version can reportedly be exploited to inject malicious code
more »
A report by IBM said that Google left every third critical hole unpatched in the first half of 2010. IBM have now admitted their mistake and corrected their report
more »
The bone of contention is the Blackberry Enterprise Service (BES) communication service for businesses. The Indian government is demanding complete access to the service, RIM is maintaining that it cannot provide this on principle. RIM has now made proposals which are to be implemented and examined
more »
The embedded specialist combines its VxWorks DO-178B and VxWorks IEC 61508 real-time operating systems to create a new product which supports the DO-178B and IEC 61508 security standards by default
more »
Users wanting to use the tool to protect themselves from the DLL vulnerability in multiple applications will find their ability to use certain programs, among them Chrome, restricted
more »
In the past week - the OpenSolaris Governance Board resigned, more Windows applications were found to be vulnerable to DLL hijacking, Ubuntu got a technical architect, Fedora 14 alpha arrived and Zurich Insurance was fined £2.28m for losing its customers' private data
more »
According to one report, attackers are already actively exploiting an error in the way libraries are loaded in many different applications.
more »
The VideoLAN Project developers have issued version 1.1.4 of their VLC Media Player, a maintenance and security update that addresses a DLL loading design vulnerability on Windows systems that could lead to the execution of arbitrary code
more »
The Camino Project developers have released version 2.0.4 of their open source web browser for Mac, addressing several critical security vulnerabilities in the Gecko rendering engine
more »
Microsoft has placed its process for secure software development under a Creative Commons License. The company hopes that this will lead to more developers utilising its process for programming software more securely across the entire product lifecycle
more »
In an article published by the Council on Foreign Relations, US Deputy Secretary of Defense William J. Lynn describes a 2008 incident that was previously rated as classified
more »
According to one study, more vulnerabilities were discovered in the first half of 2010 than ever before and one in two remain unpatched
more »
The number of popular applications affected by the Windows DLL problem is on the rise. In addition to Firefox and Opera, other programs such as PowerPoint, Photoshop, VLC and uTorrent are now known to be vulnerable
more »
Adobe have released Adobe Shockwave Player 11.5.8.612 to close 18 critical holes on Windows and Mac OS X systems.
more »
Apple has released Security Update 2010-005 for its Leopard and Snow Leopard operating systems, closing a total of 13 vulnerabilities - eight of them rated critical
more »
Microsoft is warning of a widespread programming error which attackers can exploit to inject malicious code into many applications
more »
Zurich Insurance's UK branch has been fined £2.27 million by the Financial Services Authority (FSA) as punishment for losing the details of 46,000 customers
more »
The OpenSSH developers have released version 5.6/5.6p1 of their open source SSH (Secure Shell) implementation, fixing a number of bugs from the previous version and adding several new features
more »
Police have searched a house in Erfurt in Germany and confiscated five computers from an administrator in the Perfect Privacy VPN network
more »
The latest 3.3.5.1 and 2.11.10.1 releases of the phpMyAdmin database administration tool address one critical and several serious security vulnerabilities, including an issue that could allow unauthenticated users to execute arbitrary code
more »
Backdoor discovered in QuickTime
