3944 matches found
Survey Scam Offers False Shelter From Surveys
Scammers are offering prospective marks an application that supposedly shields them from exposure to survey scams. Naturally, you first have to fill in a survey to install the script, which is punted through Userscriptsdotorg. Read the full article. The Register...
RealNetworks Releases Update to Address Vulnerabilities in RealPlayer
RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the RealNetworks, Inc...
Cisco Releases Security Advisory for IOS XR Software Border Gateway Protocol
Cisco has released a security advisory to address a vulnerability in the Cisco IOS XR Software Border Gateway Protocol feature. Exploitation of this vulnerability may result in the continuous resetting of BGP peering sessions, which may cause a denial-of-service condition for affected networks...
Apple Releases Security Update 2010-005
Apple has released security update 2010-005 to address multiple vulnerabilities affecting the ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, and Samba applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a...
Adobe Releases Security Bulletin for Shockwave Player
Adobe has released a security update to address multiple vulnerabilities affecting Shockwave Player 11.5.7.609 and earlier versions. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe security bulletin APSB10-20 and...
Survey Shows High Cloud Hacking Expectations
An in-depth survey carried out amongst 100 of those attending this year’s DEFCON conference revealed that an overwhelming 96 percent of the respondents said they believed the cloud would open up more hacking opportunities for them. Read the full article. Help Net Security...
VideoLAN Releases a Security Advisory for VLC Media Player
VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The updated release also addresses additional issues that could result in a denial-of-service attack...
Apple Releases QuickTime 7.6.7
Apple has released QuickTime 7.6.7 for Windows to address a vulnerability. This vulnerability is due to a stack buffer overflow that exists in QuickTime error logging. By convincing a user to open a specially crafted movie file, a remote attacker may be able to execute arbitrary code or cause a...
Apple Releases Updates for iPhone, iPod touch, and iPad
Apple has released iOS 4.0.2 for the iPhone and iPod touch and iOS 3.2.2 for the iPad to address vulnerabilities in the FreeType and IOSurface packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or gain system privileges. iPhone and iPod touch users are...
Google Releases Chrome 5.0.375.126
Google has released Chrome 5.0.375.126 for Linux, Mac, and Windows. Chrome 5.0.375.126 contains an updated version of the Flash plugin which addresses multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and...
Adobe Releases Security Update for Flash Player
Adobe has released Flash Player 10.1.82.76 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. This vulnerability also affects Adobe Air 2.0.2.12310 and earlier versions. US-CERT encourages users and...
Microsoft Releases August Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, and Silverlight as part of the Microsoft Security Bulletin Summary for August 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges...
Microsoft Releases Advance Notification for August Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating that its August release will contain 14 bulletins. Eight bulletins will have the severity rating of critical and will be for Microsoft Windows, Internet Explorer, Office, and Silverlight. The remaining six bulletins will hav...
RSA Survey Finds Mobile Device Breaches Rare
Most respondents in a recently released RSA study 93.2% answered “Yes” when asked if allowing employees to connect their personal mobile devices to the corporate network poses a security threat to their organization, but only 1.8% reported a “serious incident” as a result of an employee’s mobile...
Apple Releases Safari 5.0.1 and Safari 4.1.1
Apple has released Safari 5.0.1 and Safari 4.1.1 for Windows and Mac OS X to address multiple vulnerabilities in Safari and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users...
Google Releases Chrome 5.0.375.125
Google has released Chrome 5.0.375.125 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the Google Chrome Releases blog entr...
Firefox Releases Firefox 3.6.8
The Mozilla Foundation has released Firefox 3.6.8 to address a critical vulnerability. This vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Mozilla Foundation security advisory MFSA 2010-48 and update to Firefox 3.6.8 to hel...
Cisco Releases Security Advisory for CDS Internet Streamer
Cisco has released a security advisory to address a vulnerability in the Cisco Internet Streamer application that is part of the Cisco Content Delivery System. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to obtain sensitive information, including password files...
Mozilla Releases Firefox 3.6.7
The Mozilla Foundation has released Firefox 3.6.7 and Firefox 3.5.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks. Some of these...
Oracle Critical Patch Update Pre-Release Announcement
Oracle has issued a critical patch update pre-release announcement indicating that its July release will contain 59 new vulnerability fixes. Release of the critical patch update is scheduled for Tuesday, July 13, 2010. US-CERT encourages users and administrators to review the pre-release...