In association with heise online

Top News

Fedora 12 allows users install privilege - Update 2

Fedora 12 has changed its security policy to allow unprivileged users to install software without requiring the root password more…

Top Feature

Inside the Security Operations Center

In its Security Operations Center (SOC), Symantec remotely monitors its clients' networks for signs of hacking and suspicious activity. We've taken a look inside the SOC more…

IT security news and features

News & Features

20 November 2009
Security vulnerabilities in add-ons imperil Firefox users

Security experts have found security problems in several popular Firefox extensions. They warn that using add-ons can impact the security of the entire system more…

20 November 2009
Cisco releases free iPhone security app

Cisco has released a free iPhone application that allows users to receive customised alerts on real-time security threats, new signatures and other information more…

20 November 2009
PHP 5.3.1 released

The PHP developers have released the first maintenance update to the 5.3 branch of their programming language, which now includes anti-DoS measures and sanity checks on EXIF more…

19 November 2009
Alert! Security holes in Serv-U FTP server closed

The 9.1.0.0 version of the Serv-U FTP Server for Windows closes two critical vulnerabilities which allow an attacker's code to infiltrate the system or restart it more…

19 November 2009
NSA helps Apple, Sun and Red Hat harden their systems

The American National Security Agency also helped configure the system security of Windows 7 during the operating system's development more…

19 November 2009
lost+found: Android, botnets, Top 10, CryptoMan

Spyware for Android, understanding botnet protocols, Top 10 vulnerabilities in web applications, Bruce Schneier action figure more…

18 November 2009
Thousands of web pages manipulated in large-scale scareware attack

Google's search engine reportedly plays an important role in the attack, pointing users to compromised web pages when certain search terms are entered. More than 200,000 web pages appear to have been affected more…

18 November 2009
Firefox 3.6 locks down component directory - Update

Extensions to the browser will no longer be able to silently install themselves in Firefox 3.6's component directory. The Mozilla developers say the directory lock down will increase the browser's stability more…

18 November 2009
RE-Google aids code analysis

A plug-in for disassembler IDA Pro uses Google searches to make machine code functions comprehensible to the uninitiated. It can save time for security specialists analysing malware code more…

18 November 2009
Metasploit 3.3 released

Nearly one year after the release of Metasploit 3.2, the Metasploit Project developers have announced the availability of version 3.3 of the Metasploit Framework more…

17 November 2009
Few security products gain certification at the first attempt

Only four per cent of the security products tested by independent tester ICSA Labs are certified the first time out. Many products even fail to fulfil their core functionality more…

17 November 2009
Vulnerability in Wikipedia Toolbar for Firefox

Security service provider Secunia has discovered a critical vulnerability in the Wikipedia Toolbar extension for Firefox that can be exploited by an attacker to compromise a victim's system more…

16 November 2009
Password theft via vulnerability in SSL/TLS protocol

The vulnerability in the design of the SSL/TLS protocol revealed earlier this month can apparently be used for practical attacks after all, such as stealing Twitter login data more…

16 November 2009
Microsoft investigates vulnerability in Windows 7 and Server 2008 R2

Microsoft is investigating a DoS vulnerability that can be exploited to cripple systems running Windows 7 or Windows Server 2008 R2. According to the vendor, however, no active attacks have been registered so far more…

13 November 2009
WordPress 2.8.6 prevents malicious code from being uploaded

A hole in the upload routine for blog post attachments allows PHP files to be disguised, for example, as images. Attackers can exploit the hole to execute arbitrary code. However, not all server configurations are affected more…

12 November 2009
Vulnerability in the GIMP image editing tool

A vulnerability in the free image editing tool GIMP (GNU Image Manipulation Program) can reportedly be exploited to compromise a user's system more…

12 November 2009
New Microsoft patent may put Linux security components at risk

Microsoft has been granted a patent on a privilege escalation system which appears to cover the functionality of PolicyKit, used for fine-grained authorisation on Ubuntu, Fedora, openSUSE and other Linux systems more…

12 November 2009
DoS vulnerability in the SMB client of Windows 7 and Server 2008 R2

A flaw in the SMB protocol implementation of the latest Windows versions can trigger a system crash. A successful attack only requires the client to make contact with a specially crafted server, which may even happen inadvertently when surfing the internet with IE more…

12 November 2009
Alert! Apple fixes critical vulnerabilities in Safari

Apple has released version 4.0.4 of its Safari web browser, a security update that addresses a total of seven vulnerabilities more…

11 November 2009
Seven keyholders for the DNS root zone

Preparations for securing the domain name system root zone using the DNS Security Extensions (DNSSEC) protocol are entering a key phase. DNSSEC signatures are intended to prevent DNS information from being changed en-route from sender to recipient more…

11 November 2009
Community criticises security firm's vulnerability report

A report stating that Firefox leads the field of popular browsers and accounts for the largest proportion of vulnerabilities has rekindled the inevitable discussion about "comparing apples and oranges" more…

11 November 2009
Indictment for cloned debit card fraud

The US Attorney's Office has indicted a group of East Europeans who withdrew $9 million from bank accounts in November 2008 using cloned debit cards. The card data was obtained from a hack of a payment processing company more…

11 November 2009
Adobe fixes vulnerability in Photoshop Elements

Adobe has released a workaround to fix a vulnerability in versions 7.0 and 8.0 of its Photoshop Elements products that could allow a user with valid login credentials to execute arbitrary commands with elevated privileges more…

11 November 2009
A first impression of Microsoft's forensic tools that got away

Copies of Microsoft's COFEE collection of forensic tools, which is only intended for criminal prosecution services and investigators, have leaked onto the internet. A closer look reveals... more…

11 November 2009
Alert! Major patch day for Excel

What initially promised to be a relatively quiet patch day is turning into a patch orgy. Microsoft has announced six patch packages to fix a total of 15 "security vulnerabilities" in Microsoft Windows and Office more…
