A former CIA Director says the U.S. Government is being too secretive about cybersecurity vulnerabilities.
Browsing Tag: vulnerabilities
Distributed denial-of-service (DDoS) attacks are on the rise, according to a report released by Trustwave this week.
Web sites are chronically insecure, according to new data from security firm WhiteHat Security.
“The marketplace for hacker exploit kits is getting more crowded according to research by Kaspersky Labs, which found that new tools with names like SEOsploit and Crimepack are challenging the dominance of legacy tools like the Phoenix, Eleonore, Neosploit, YESExploit, and Liberty kits.
Four months after it first went public with a warning about widespread vulnerabilities in network security products, Stonesoft said it has found more than 100 new holes, and that security vendors are doing little to address the problem.
Following last week’s release of Chrome 9 and a rather brazen $20,000
offering to anyone who can hack their browser at CanSecWest, Google
released a stable
channel update addressing some security flaws and containing a new version
of Flash Player (10.2).
As malware authors and attackers have continued to employ the Windows AutoRun functionality to help spread their malicious creations–culminating famously in the Stuxnet worm–Microsoft has been making gradual changes to help prevent these attacks. This week the company took the major step of putting an optional fix into Windows Update that will disable Autorun.
When Barracuda Networks started its bug bounty program about three months ago, company officials weren’t exactly sure what to expect. They didn’t know whether there’d be an onslaught of submissions or the sound of crickets chirping. The reality turned out to be somewhere in the middle.
Adobe has released a massive set of patches that fix vulnerabilities in most of its more popular applications, including a number of critical bugs in Flash, Reader and Shockwave.
Microsoft addressed 22 flaws with 12 separate bulletins in February’s edition of Patch
Tuesday, including three bulletins that were rated critical with the remaining nine
rated as important. Among the programs affected are Microsoft Windows, Internet
Explorer, Office, Visual Studio, and IIS.