Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

The six most dangerous infosec attacks

The six most dangerous infosec attacks

And what's coming next.
Darren Pauli Mar 7 2012 8:40AM Security
Adobe and Google patch flaws

Adobe and Google patch flaws

Dirty dozen high risk flaws fixed in Chrome.
SC Staff Mar 7 2012 5:33AM Security
Adobe patches Flash XXS hole

Adobe patches Flash XXS hole

Update closes in the wild cross-site scripting vulnerability.
Dan Kaplan Feb 17 2012 12:09PM Security
Flaw lets crooks rob Google Wallets

Flaw lets crooks rob Google Wallets

Google kills Android app "as a precaution".
Stephen Lawton Feb 15 2012 6:34AM Security
Google pays $381,000 in bug bounties

Google pays $381,000 in bug bounties

Payments used to squash 1100 vulnerabilities since November 2010.
Dan Raywood Feb 13 2012 10:33AM Security
Google pays $381,000 in bug bounties

Google pays $381,000 in bug bounties

Payments used to squash 1100 vulnerabilities since November 2010.
Dan Raywood Feb 12 2012 10:04PM Security
Bug means iPhone thieves get iMessages, too

Bug means iPhone thieves get iMessages, too

iMessages relayed to strangers' iPhones.
Darren Pauli Feb 6 2012 12:18PM Security
Symantec warns of exploits after code theft

Symantec warns of exploits after code theft

Customers warned against using pcAnywhere pending fixes.
Dan Kaplan Jan 30 2012 1:50PM Security
PcAnywhere code stolen, Symantec warns of exploits

PcAnywhere code stolen, Symantec warns of exploits

Company recommends to stop using its product pending fixes.
Dan Kaplan Jan 26 2012 12:08PM Security
McAfee patches spam relay flaw

McAfee patches spam relay flaw

Customers find their email and IP addresses on blacklists.
Darren Pauli Jan 23 2012 2:23PM Security
McAfee patches spam relay flaw

McAfee patches spam relay flaw

Customers find their email and IP addresses on blacklists.
Darren Pauli Jan 20 2012 2:59PM Security
Oracle patches 78 vulnerabilities

Oracle patches 78 vulnerabilities

Sixteen products vulnerable to remote code execution.
Tom Brewster Jan 18 2012 3:13PM Security
US spy agency issues damage-controlling Android

US spy agency issues damage-controlling Android

NSA's SEAndroid too tough for GingerBreak, RageAgainstTheCage.
Darren Pauli Jan 18 2012 11:54AM Security
ANZ botches bank statement fix

ANZ botches bank statement fix

Shuts down online statements service within 24 hours.
Liz Tay Jan 13 2012 9:51AM Security
Six OpenSSL holes plugged

Six OpenSSL holes plugged

Padding Oracle Attack squashed.
Darren Pauli Jan 9 2012 3:58PM Security
Qualys, MetricStream build vulnerability framework

Qualys, MetricStream build vulnerability framework

Routes vulnerabilities through investigation and remediation processes.
SC Staff Jan 6 2012 10:47AM Security
Microsoft preps seven security patches

Microsoft preps seven security patches

Includes one 'critical' fix.
Dan Kaplan Jan 6 2012 10:45AM Security
ASP.NET hole workaround published

ASP.NET hole workaround published

One crafted ~100kb HTTP request can consume 100 percent of a CPU core.
Dan Raywood Jan 4 2012 11:38AM Security
Analysis: HTML5 security holes detailed

Analysis: HTML5 security holes detailed

Security shortfalls in burgeoning standard.
Darren Pauli Jan 4 2012 11:28AM Security
Android app installs shell, bypasses permissions

Android app installs shell, bypasses permissions

App silently taps data.
Darren Pauli Dec 21 2011 11:10AM Security

Log In

  |  Forgot your password?