vulnerability

Attackers target PDF vulnerability

Attackers target PDF vulnerability

Online criminals have started targeting a vulnerability in Adobe's PDF reader.
Tom Sanders Oct 25 2007 9:59AM Security
Oracle releases 51 patches, unveils new vulnerability rating system

Oracle releases 51 patches, unveils new vulnerability rating system

Oracle on Tuesday delivered 51 fixes in a quarterly patch distribution that included an updated scoring system for organisations to measure the risk and impact of vulnerabilities.
Dan Kaplan Oct 18 2007 10:01AM Security
Users of AOL I.M. at risk of attacks

Users of AOL I.M. at risk of attacks

Millions of computers with registered copies of AOL Instant Messenger (AIM) are at risk to a variety of attacks via a vulnerability in AIM 6.1, AIM beta 6.2, AIM Pro and AIM Lite, according to researchers at Core Security.
Jim Carr Sep 27 2007 9:38AM Security
Review: Typhon

Review: Typhon

NGS Software Typhon is more of a traditional network vulnerability assessment tool with some application intelligence built in. The utility was able to locate FTP-based vulnerabilities on our test system, but had difficulties with web assessment.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 24 2007 12:00AM Security
Review: Fortify Source Code Analysis

Review: Fortify Source Code Analysis

The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility. Any source code can be reviewed with the Source Code Analysis (SCA) suite.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 13 2007 4:44PM Security
Review: AppDetectivePro

Review: AppDetectivePro

AppDetectivePro primarily looks for security holes inside of a number of popular database servers. The user interface makes it easy to determine which steps of the scan should be performed next.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Sep 13 2007 4:43PM Security
JavaScript hijacking - a new vulnerability

JavaScript hijacking - a new vulnerability

A new vulnerability, termed JavaScript hijacking, was recently identified that specifically affects the rich, interactive interfaces typically associated with Ajax and Web 2.0 applications.
Jacob West, Sep 13 2007 7:19AM Security
Hot or not: The Forum of Incident Response and Security Teams (FIRST) unveils updated common vulnerability scoring system

Hot or not: The Forum of Incident Response and Security Teams (FIRST) unveils updated common vulnerability scoring system

The new scoring system promises to make it easier for security managers and the IT industry to better measure the real-world risks associated with software flaws.
Amol Sarwate, Sep 11 2007 3:03PM Security
UN AIDS site target of new 'vulnerability scan' attack

UN AIDS site target of new 'vulnerability scan' attack

Hackers compromise a United Nations’ Asia Pacific AIDS information site using an emerging malicious technique which scans for multiple vulnerabilities.
Negar Salek Aug 29 2007 9:57AM Security
Review: AppDetective

Review: AppDetective

AppDetective primarily looks for security holes inside of a number of popular database servers. The user interface makes it easy to determine which steps of the scan should be performed next.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 27 2007 1:57PM Security
Review: Source Code Analysis Suite

Review: Source Code Analysis Suite

The Fortify offering is a software-based solution which is also a CASE (computer aided software engineering) utility.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 20 2007 8:00AM Security
Review: AppScan 7.5

Review: AppScan 7.5

Watchfire AppScan is a software-based offering, which runs from the Windows platform. You may remember earlier versions of AppScan that required a Linux-based server and were configured and run through a web browser.
Patrick Love, Head of Fiduciary Support, Global Wealth Sol Aug 1 2007 12:00AM Security
ActiveX vulnerability hits Yahoo Widgets

ActiveX vulnerability hits Yahoo Widgets

Researchers at security research firm Secunia have revealed a "highly critical" security vulnerability in Yahoo's desktop Widgets. Widgets are software plug-ins that allow delivering a variety of information - weather reports, sports scores, and music - to users' computer desktops.
Jim Carr Jul 30 2007 8:35AM Security
Mozilla says URL protocol handling vulnerability is a Firefox issue

Mozilla says URL protocol handling vulnerability is a Firefox issue

Mozilla's chief security guru on Monday issued a mea culpa for her company's handing of a URL protocol handing flaw that was believed to only be exploitable from Internet Explorer (IE).
Frank Washkuch Jul 25 2007 9:52AM Security
Mozilla distributes eight patches; blames Microsoft for vulnerability

Mozilla distributes eight patches; blames Microsoft for vulnerability

Mozilla on Tuesday released eight patches - three of them deemed "critical" - in its Firefox 2.0.0.5 release, as the company's chief security official chided Microsoft for failing to protect users from an Internet Explorer bug.
Frank Washkuch Jul 19 2007 10:11AM Security
eBay-like marketplace for vulnerability exchange opens

eBay-like marketplace for vulnerability exchange opens

A Switzerland-based company this week launched an eBay-like marketplace for buying and selling zero-day software vulnerabilities.
Dan Kaplan Jul 9 2007 9:49AM Security
HP ventures into vulnerability assessment

HP ventures into vulnerability assessment

GLOBAL - SPI Dynamics buy adds security scanning to application life cycle offering.
Tom Sanders Jun 21 2007 5:58PM Security
HP ventures into vulnerability assessment

HP ventures into vulnerability assessment

UK - Spi Dynamics aquisition adds security scanning to application life cycle
offering.
Tom Sanders Jun 20 2007 5:30PM Security
Review: Core Impact 6.0

Review: Core Impact 6.0

Impact 6.0 from Core Security is a pure penetration testing tool. It is optimised for production use and comes with a suite of pre-programmed exploits. The support agreement provides regular updates with new exploits. Users can write their own exploits and can add to existing ones in the library. Impact can perform pre-configured scenarios or individual exploits.
Peter Stephenson,CeRNS, May 15 2007 12:00AM Security
Review: NetClarity Branch Auditor 5.0

Review: NetClarity Branch Auditor 5.0

Last year we reviewed NetClarity’s Enterprise Auditor product and we liked it a lot. This year we looked at its little sibling, the Branch Auditor. We were amazed at the power of this little handful of an appliance.
Peter Stephenson,CeRNS, May 15 2007 12:00AM Security

Log In

  |  Forgot your password?