Apple is planning to release an update specifically designed to protect users against the MacDefender malware that has been circulating for the last couple of weeks. The update for Mac OS X will automatically find and remove the malware on an infected machine and also will warn users if another infection attempt is detected.
Browsing Tag: vulnerabilities
Siemens AG said on Tuesday that it was talking to its customers about what it acknowledged were “security gaps” in its Programmable Logic Controllers (PLCs), after an NSS Labs researcher disclosed the discovery of what he described as serious security holes in the company’s industrial control systems.
Social networking giant Facebook will soon begin paying security researchers for information on vulnerabilities in its platform, according to a report from the Hack in the Box security conference in Amsterdam.
Security researcher Dillon Beresford decided not to present a talk at the TakedownCon in Dallas on Thursday, citing concerns about mayhem that could have resulted. But in an e-mail, he told Threatpost that the vulnerabilities could allow remote attackers to start or stop Siemens Programmable Logic Controllers (PLCs) and harvest information from the devices.
Microsoft has released a new version of its Enhanced Mitigation Experience Toolkit, a free download that gives IT staffs the ability to better defend against exploit attempts. The EMET now includes support, as well.
The Obama administration has unveiled a sweeping strategy for the way that it plans to conduct the country’s business and political dealings online in the coming years, and much of the plan centers on improving the security and reliability of the Internet. The International Strategy for Cyberspace is a policy document and not a technical one, but the plan clearly implies that the U.S. intends to assert and defend its rights online.
Security researchers are warning users that there are a number of vulnerabilities and potential problems with WebGL, and emerging standard for 3D rendering on the Web, that could cause serious problems for users.
The May 2011 edition of Microsoft’s Patch Tuesday is a relatively modest one with the software giant posting just two bulletins addressing bugs that could allow for remote code execution, but only one of which is rated critical.
“Failure is only the opportunity to begin again, only this time more wisely,” is a quote attributed to legendary automaker Henry Ford. While it seemingly has nothing to do with secure application development, all you need to do is talk to a handful of enterprises who have tried to implement a secure development lifecycle – and you’ll certainly see how it applies.
Microsoft on Tuesday provided key details of a “Coordinated Vulnerability Disclosure”
(CVD) program it announced in July and that’s aimed at bolstering
collaboration between Microsoft, its customers and the security