The Federal Aviation Administration needs to upgrade and update its information security capabilities–including building a threat-modeling capability and implementing federal security guidelines–in order to ensure the safety of the nation’s aviation infrastructure, according to a new report by the General Accounting Office. The report is the result of a review of the FAA’s security practices[…]
Browsing Category: Vulnerabilities
SearchBlox, a provider of enterprise search technology, has patched several serious vulnerabilities in its flagship product, including cross-site scripting, cross-site request forgery and other issues. The company, which sells a variety of enterprise search products, has released version 8.2 of the main SearchBlox product to address the vulnerabilities, which were report to the CERT/CC at[…]
Apple recently fixed a cookie vulnerability that existed in all versions of Safari – iOS, OS X, and Windows – that may have affected 1 billion devices.
Microsoft and Adobe released security bulletins addressing critical vulnerabilities in their respective products.
Dell released its annual threat report yesterday, ringing the alarm bells on point-of-sale and industrial control system attack in 2014 and beyond.
Google has released Chrome 42, a major security upgrade to the browser that includes patches for 45 vulnerabilities. The latest version of Chrome carries with it fixes for a number of high-severity bugs, including a cross-origin bypass in the HTML parser. That vulnerability earned an anonymous security researcher a reward of $7,500 from Google. In all,[…]
Data breaches are expensive to victim organizations, but that cost is going down, according to Verizon, which today released its annual Data Breach Investigations Report.
Research on the economics of the zero-day market conducted by HackerOne, MIT, Harvard and Facebook will be presented at RSA Conference.
To bolster security, banks in New York are planning to enact new regulations for any third party vendors they do business with.