-
Cisco IOS gets fixes for 12 DoS bugs
Cisco releases 9 advisories to address 13 vulnerabilities on March patch day as part of its bi-annual IOS patching exercise.News | 02 Apr 2012
-
Web browser attacks aimed at plug-ins despite rise in flaws, IBM finds
An IBM report found a slight increase in browser-based vulnerabilities, but security features are driving attackers to target components rather than the browser itself.News | 28 Mar 2012
-
University researchers document Android adware privacy risks
Researchers at NC State found that ad libraries used in Android apps access personal information unnecessary for proper functionality.News | 20 Mar 2012
-
Apple iOS 5.1 patches 81 vulnerabilities
Alongside its ‘new iPad’ release, Apple Inc. releases iOS 5.1, the latest version of its mobile computing platform with fixes for 81 security holes.News | 09 Mar 2012
-
NIST releases SP 800-153 WLAN security guidelines
The recently released NIST SP 800-153 addresses security of WLANS. Join us, as we take a closer look at the document’s recommendations.News | 07 Mar 2012
-
CrowdStrike to make RSA 2012 debut with Android attack via Webkit
Firm led by well-known security experts George Kurtz and Dmitri Alperovitch will focus on defending against targeted attacks.News | 25 Feb 2012
-
RSA 2012 talk to offer help understanding IPv6 security issues
Understanding IPv6 security issues can be a challenge, but the protocol's co-inventor says enterprises can no longer afford to ignore IPv6 security concerns.News | 22 Feb 2012
-
Longstanding security problems plague enterprises, Trustwave finds
While organizations focus on mobile security and other emerging threats, an analysis of more than 2,000 penetration tests conducted by Trustwave found older threats often overlooked.News | 07 Feb 2012
-
Apple updates OS X Lion to 10.7.3, releases Snow Leopard security fix
Releases next major update to OS X Lion; pushes out security-only updates to Snow Leopard and other Apple software.News | 02 Feb 2012
-
Symantec issues new pcAnywhere security guide following flaw resolution
Organizations that have applied the latest patches should follow more stringent security best practices to guard against external attacks.News | 01 Feb 2012
- VIEW MORE ON : Windows and other OS security best practices
-
Microsoft fixes code targeted by Duqu in May 2012 Patch Tuesday
Experts suggest patience when dealing with this month’s round of Microsoft updates.News | 08 May 2012
-
Adobe pushes patch for actively exploited Flash Player vulnerability
Adobe is addressing a zero-day flaw in Flash Player being used by cybercriminals in email attacks targeting Internet Explorer users.News | 04 May 2012
-
Microsoft program breach led to early RDP vulnerability exploit
Microsoft said a member of its confidential Active Protections Program leaked information that prompted an exploit targeting a flaw patched in March.News | 03 May 2012
-
Microsoft to fix 23 vulnerabilities in May 2012 Patch Tuesday
Microsoft said it plans to address flaws in Windows, Office, Silverlight and the .NET Framework.News | 03 May 2012
-
Google Vulnerability Reward Program increases, Microsoft unfazed
Google increased the reward for a code execution bug to $20,000. Microsoft remains against a bug bounty.News | 24 Apr 2012
-
HP study finds widespread custom Web application flaws
A review of hundreds of unique custom Web applications found more than half are vulnerable to cross-site scripting and more than 86% contain injection flaws.News | 18 Apr 2012
-
Dangerous Samba vulnerability affects all Linux systems
The commonly used tool contains an error that can be executed remotely by attackers, giving them root access to a system. Proof-of-concept code is available, experts warn.News | 11 Apr 2012
-
Microsoft April 2012 Patch Tuesday repairs critical IE flaws, ActiveX control issue
Microsoft repaired 11 vulnerabilities in April, including a critical update to its Internet Explorer browser and an ActiveX fix that affects a variety of software and server systems.News | 10 Apr 2012
-
April 2012 Patch Tuesday: Microsoft to issue six bulletins, four critical
Microsoft’s six bulletins include critical server repairs, Internet Explorer updates and a critical update of its .NET Framework.News | 05 Apr 2012
-
Expert advocates for more effective pen tests, less complex security
A security expert warns organizations against buying the latest and greatest security technology and advocates for more effective pen testing at InfoSec World Conference and Expo 2012.News | 02 Apr 2012
- VIEW MORE ON : Vulnerability and patch management
-
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference
Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference.Tutorial
-
VMware downplays ESX hypervisor source code leak
Company says source code was leaked online but says may not mean increased risk.News | 25 Apr 2012
-
Hunting for application logic flaws requires people, expert says
Rafal Los, a software security expert and consultant with Hewlett Packard, says humans far outgun automated tools in the hunt for costly application logic flaws.News | 10 Apr 2012
-
Sandboxing for secure app development: Adobe Reader’s 'protected view'
As sandboxing emerges as an answer to legacy codebases with multiple vulnerabilities, we look at the components of Adobe Reader X’s sandbox.Photo Story
-
Sandboxing for secure app development: Adobe Reader’s ‘protected mode’
As sandboxing emerges as an answer to legacy codebases with multiple vulnerabilities, we dissect Adobe Reader X’s sandbox to understand how sandboxing works.Tutorial
-
Web browser attacks aimed at plug-ins despite rise in flaws, IBM finds
An IBM report found a slight increase in browser-based vulnerabilities, but security features are driving attackers to target components rather than the browser itself.News | 28 Mar 2012
-
Exploit writing tutorial: Part 1
In the first part of our exploit writing tutorial, we take a look at the fine art of vulnerability discovery, fuzzing and usable techniques.Tutorial
-
Dangerous Microsoft RDP vulnerabilities repaired in Patch Tuesday
Vulnerability experts call the Microsoft Remote Desktop Protocol flaws dangerous and say they should be quickly addressed by patching admins.News | 13 Mar 2012
-
Research into cryptographic system limitations crucial, RSA panel says
Researchers testing some of the most relied upon cryptographic algorithms are making progress in breaking them, according to experts on the 2012 RSA Conference Cryptographer’s Panel.News | 28 Feb 2012
-
Security startups to unveil new security technology at RSA 2012
One firm will leave RSA 2012 with the “Most Innovative” title, but industry experts say they all contribute in bringing the security industry up to par with sophisticated malware and hacking techniques.News | 16 Feb 2012
- VIEW MORE ON : Secure application development and coding