With the FindBugs code analysis vulnerability-vulnerability warning-the black bar safety net

Static analysis tools promise without developer effort will be able to find out the code has some defects. Of course, if you have years of writing experience, you will know that these promises are not necessarily fulfilled. Nevertheless, a good static analysis tool is still in the Toolbox...

Vulnerability Broker Draws Line in Disclosure Sand

Looking to put pressure on software vendors who procrastinate on fixing security flaws, the world’s biggest broker of vulnerability data is drawing a line in the sand. Starting August 4, TippingPoint’s Zero Day Initiative ZDI will enforce a six-month deadline for patches on all vulnerabilities...

VERITAS Storage Exec and StorageCentral DCOM Server Buffer Overflow (CVE-2005-2996)

The VERITAS Storage Exec and StorageCentral products automate storage management in order to optimize storage efficiency. The products are capable of automating numerous tasks with regard to disk management. User-based and directory-based quotas may also be imposed with the help of the products...

Voice Authentication Gets Research Boost

North Carolina state researchers have modified existing speech authentication computer models and have streamlined the process so that it operates more efficiently. Read the full article. ScienceDaily...

Real World Security – Larry Whiteside Interview

Like every other security executive in the health care industry, Larry Whiteside, CISO of the Visiting Nurse Service of New York, spends much of his time dealing with compliance-related issues. But the distributed nature of his user population means that he has sensitive patient data on thousands...

[SECURITY] Fedora 11 Update: rb_libtorrent-0.14.3-2.fc11

rblibtorrent is a C++ library that aims to be a good alternative to all the other BitTorrent implementations around. It is a library and not a full featured client, although it comes with a few working example clients. Its main goals are to be very efficient in terms of CPU and memory usage as we...

[SECURITY] Fedora 7 Update: duplicity-0.4.9-1.fc7

Duplicity incrementally backs up files and directory by encrypting tar-format volumes with GnuPG and uploading them to a remote or local file server. In theory many protocols for connecting to a file server could be supported; so far ssh/scp, local file access, rsync, ftp, HSI, WebDAV and Amazon ...

Programming cheats: the C language efficient four trick-vulnerability warning-the black bar safety net

Writing efficient and simple C language code, many software engineers are pursuing. This article is for the programming work of some of the experience and experience to do the relevant elaboration. The first trick: to space for time Computer program the greatest paradox in space and time the...

phpbb2.0.19 fixes security issues

re: http://www.phpbb.com/phpBB/viewtopic.php?t=352966 Sec fixed XSS issue only valid for Internet Explorer within the url bbcode Sec fixed XSS issue only valid for Internet Explorer if html tags are allowed and enabled Sec added configurable maximum login attempts to prevent dictionary attacks...

Security update 1970-01-01

...