MilitarySingles owned by remote file inclusion hole 

MilitarySingles owned by remote file inclusion hole

In Applications - By Marcos Colon, 27 May 2012 11:47 PM
Site hacked, 170,000 unsalted passwords exposed.
Hacker hawks exploit in blue chip email system 

Hacker hawks exploit in blue chip email system

In Hackers - By Darren Pauli, 24 May 2012 12:23 PM
NASA implicated in exploit auction.
AusCERT2012: FreeBSD talks amateur bug hunting 

AusCERT2012: FreeBSD talks amateur bug hunting

In Networks - By Darren Pauli, 18 May 2012 12:04 PM
Squashing bugs shouldn't just be left to the pros.
AusCERT2012: Fish and chip shops in hacker sights 

AusCERT2012: Fish and chip shops in hacker sights

In Crypto - By James Hutchinson, 16 May 2012 1:55 PM
Credit card info at risk in point-of-sale compromises.
Exploits greeting users at foreign policy, human rights sites 

Exploits greeting users at foreign policy, human rights sites

In Web/client - By Dan Kaplan, 16 May 2012 1:03 PM
A host of websites, including the US-based Center for Defense Information, have been compromised with malicious code in order to target and infect visitors.
Adobe pulls pay-for-patch, issues fix 

Adobe pulls pay-for-patch, issues fix

In Applications - By Darren Pauli, 15 May 2012 10:51 AM
Gaffe was a 'PR disaster'.
Apple shutters FileVault password hole 

Apple shutters FileVault password hole

In Crypto - By Darren Pauli, 11 May 2012 7:41 AM
Urges users to mop up logs.
151,000 domains attacked via dangerous PHP hole 

151,000 domains attacked via dangerous PHP hole

In Web/client - By Darren Pauli, 10 May 2012 4:41 PM
PHP Group issues fix for the second time.
Apple update fixes major flaws in iPhones, iPads 

Apple update fixes major flaws in iPhones, iPads

In Applications - By Dan Kaplan, 8 May 2012 9:09 AM
Hole remains in Apple desktop browser.
Mac FileVault passwords stored in clear text 

Mac FileVault passwords stored in clear text

In Applications - By Darren Pauli, 7 May 2012 1:03 PM
Flawed update contained debug logs that trap passwords.
Microsoft patches three critical flaws 

Microsoft patches three critical flaws

In Applications - By Dan Raywood, 7 May 2012 9:58 AM
Patches will send IT admins scrambling.
Dangerous Flash flaw plugged 

Dangerous Flash flaw plugged

In Applications - By Dan Kaplan, 7 May 2012 9:58 AM
'Object confusion' could lead to system hijacking.
PHP 'zero-day' hole found 

PHP 'zero-day' hole found

In Applications - By Darren Pauli, 4 May 2012 9:10 PM
Bugged patch fails to fix flaw.
Chinese firm leaked RDP exploit code 

Chinese firm leaked RDP exploit code

In Networks - By Dan Kaplan, 4 May 2012 8:40 AM
Vulnerability sharing programs called into question.
Oracle issues workarounds for zero-day hole 

Oracle issues workarounds for zero-day hole

In Applications - By Dan Kaplan, 3 May 2012 11:22 AM
Company moves after public disclosure.
Splunk calls bug bunk 

Splunk calls bug bunk

In Applications - By Darren Pauli, 1 May 2012 11:01 PM
No authentication allows attackers to upload malcode.
Microsoft squashes Hotmail hijack bug 

Microsoft squashes Hotmail hijack bug

In Hackers - By Darren Pauli, 30 April 2012 8:23 AM
Accounts cracked in 60 seconds.
Public sector orgs flunk OWASP Top 10 

Public sector orgs flunk OWASP Top 10

In Applications - By Dan Raywood, 30 April 2012 7:54 AM
Research finds 84 per cent of web apps deemed unacceptable against security benchmarks.
Four-year old critical Oracle bug still alive 

Four-year old critical Oracle bug still alive

In Applications - By Dan Kaplan, 27 April 2012 11:44 AM
Patch ignored older installs.
Holes found in Rackspace, VPS.Net cloud services 

Holes found in Rackspace, VPS.Net cloud services

In Applications - By SC Staff, 26 April 2012 11:06 AM
Weak implementations allow dirty data to be tapped.
Samsung TVs, Blu-ray vulnerable to eternal boot loop 

Samsung TVs, Blu-ray vulnerable to eternal boot loop

In Applications - By Darren Pauli, 20 April 2012 8:10 AM
Not your typical remote control.
Bug reports fall, bounties exclude amateurs 

Bug reports fall, bounties exclude amateurs

In Networks - By Darren Pauli, Marcos Colon, 19 April 2012 8:22 AM
Less critical flaws go unreported.
Oracle patches 88 vulnerabilities 

Oracle patches 88 vulnerabilities

In Applications - By Greg Masters, 16 April 2012 9:17 AM
Fixes for Sun, Solaris and MySQL.
Android concept app siphons sensitive data 

Android concept app siphons sensitive data

In Applications - By Darren Pauli, 11 April 2012 11:12 AM
Application bypasses permissions to steal SD and app data.
Updates make Adobe patches a flash 

Updates make Adobe patches a flash

In Applications - By Dan Raywood, 30 March 2012 7:55 AM
Released for Linux, Windows and OS X.
Mobile vulnerabilities top IBM report 

Mobile vulnerabilities top IBM report

In Messaging - By Marcos Colon, 24 March 2012 7:45 AM
Thousands of disclosures studied.
Five million machines potentially vulnerable to RDP exploit  

Five million machines potentially vulnerable to RDP exploit

In Networks - By Darren Pauli, 20 March 2012 5:21 PM
Scan shows not just 'stupid users' are vulnerable.
Microsoft probes security partners for RDP leak  

Microsoft probes security partners for RDP leak

In Applications - By Darren Pauli, Dan Kaplan, 17 March 2012 10:17 AM
Trusted partners may have leaked exploit code.
Chrome cracked at Pwn2Own 

Chrome cracked at Pwn2Own

In Applications - By Dan Raywood, 9 March 2012 9:45 AM
Google's browser first to fall at CanSecWest.
The six most dangerous infosec attacks 

The six most dangerous infosec attacks

In Hackers - By Darren Pauli, 7 March 2012 8:40 AM
And what's coming next.
Adobe and Google patch flaws 

Adobe and Google patch flaws

In Applications - By SC Staff, 7 March 2012 5:33 AM
Dirty dozen high risk flaws fixed in Chrome.
Adobe patches Flash XXS hole  

Adobe patches Flash XXS hole

In Applications - By Dan Kaplan, 17 February 2012 12:09 PM
Update closes in the wild cross-site scripting vulnerability.
Google pays $381,000 in bug bounties 

Google pays $381,000 in bug bounties

In Applications - By Dan Raywood, 12 February 2012 10:04 PM
Payments used to squash 1100 vulnerabilities since November 2010.
PcAnywhere code stolen, Symantec warns of exploits 

PcAnywhere code stolen, Symantec warns of exploits

In Applications - By Dan Kaplan, 26 January 2012 12:08 PM
Company recommends to stop using its product pending fixes.
McAfee patches spam relay flaw 

McAfee patches spam relay flaw

In Networks - By Darren Pauli, 20 January 2012 2:59 PM
Customers find their email and IP addresses on blacklists.
Oracle patches 78 vulnerabilities 

Oracle patches 78 vulnerabilities

In Applications - By Tom Brewster, 18 January 2012 3:13 PM
Sixteen products vulnerable to remote code execution.
US spy agency issues damage-controlling Android 

US spy agency issues damage-controlling Android

In Applications - By Darren Pauli, 18 January 2012 11:54 AM
NSA's SEAndroid too tough for GingerBreak, RageAgainstTheCage.
ANZ botches bank statement fix 

ANZ botches bank statement fix

In Risk - By Liz Tay, 13 January 2012 9:51 AM
Shuts down online statements service within 24 hours.
Six OpenSSL holes plugged 

Six OpenSSL holes plugged

In Applications - By Darren Pauli, 9 January 2012 3:58 PM
Padding Oracle Attack squashed.
Qualys, MetricStream build vulnerability framework 

Qualys, MetricStream build vulnerability framework

In Risk - By SC Staff, 6 January 2012 10:47 AM
Routes vulnerabilities through investigation and remediation processes.
Microsoft preps seven security patches 

Microsoft preps seven security patches

In Applications - By Dan Kaplan, 6 January 2012 10:45 AM
Includes one 'critical' fix.
ASP.NET hole workaround published 

ASP.NET hole workaround published

In Applications - By Dan Raywood, 4 January 2012 11:38 AM
One crafted ~100kb HTTP request can consume 100 percent of a CPU core.
Analysis: HTML5 security holes detailed 

Analysis: HTML5 security holes detailed

In Web/client - By Darren Pauli, 4 January 2012 11:28 AM
Security shortfalls in burgeoning standard.
Android app installs shell, bypasses permissions  

Android app installs shell, bypasses permissions

In Applications - By Darren Pauli, 21 December 2011 11:10 AM
App silently taps data.
99 MS critical bug fixes lowest on record 

99 MS critical bug fixes lowest on record

In Applications - By Angela Moscaritolo, 15 December 2011 6:31 AM
Redmond says it hardened up.
Aussie exploit challenges for noob to leet 

Aussie exploit challenges for noob to leet

In Applications - By Darren Pauli, 14 December 2011 5:53 PM
Learn to beat Linux non-executable memory, ASLR, and stack smashing protection.
Yahoo IM zero day patched 

Yahoo IM zero day patched

In Applications - By Darren Pauli, 9 December 2011 4:40 AM
Status messages hijacked.
HP printer bug sparks law suit 

HP printer bug sparks law suit

In Applications - By Dan Kaplan, 7 December 2011 10:05 AM
A New York man has started a class action suit over a printer exploit said to be capable of starting fires.
"Significant" holes found in Droid X, Evo 4G, Wildfire S 

"Significant" holes found in Droid X, Evo 4G, Wildfire S

In Applications - By Angela Moscaritolo, 4 December 2011 6:22 PM
Android phone apps create potential backdoors to user data.
Java exploit added to Metasploit 

Java exploit added to Metasploit

In Applications - By Dan Kaplan, 2 December 2011 10:41 AM
Microsoft says up to half of all exploits are Java based.
1 2 3 4 | Next »
Sign up to receive SC Magazine email newsletters
   FOLLOW US...
Most Read