US being supplied with troves of data that could be used in cyber attacks, thanks to tech firms' vulnerability disclosure policies
TECHNOLOGY POWERING BUSINESS
News vulnerability
Patch Tuesday Brings Critical Internet Explorer Fix
Microsoft fixes critical flaws in IE, but doesn't patch another revealed by Google researcher Tavis Ormandy
Apple Fails To Act On Store Vulnerability Warnings
Another slow response from Apple's security team?
Thousands Of Web Servers Threatened By Plesk Flaw
Parallels says customers should upgrade their Plesk, but experts worry many won't
Google Cuts Down Zero-Day Disclosure Period To 7 Days
If the company responsible for the software doesn’t fix zero-day vulnerabilities in seven days, Google will spread the word
Old Ruby On Rails Bug Exploited To Feed Botnet
Flaw is being exploited in the wild, even though a patch was ready five months ago
Google Researcher Slams Microsoft As He Reveals Windows Security Flaw
Tavis Ormandy says Microsoft treats vulnerability researchers with “great hostility”
Zero-Day Flaws Force Fast Fixes From Microsoft And Adobe
Software titans offer temporary fixes for some serious flaws
Researchers Warn Over Internet Explorer 8 Zero-Day Flaw
Attacks in the wild and a fresh Metasploit module make life difficult for Microsoft
Researchers Warn Over Apple Safari Flaw
Rapid7 says flaw could let attackers steal passwords or even get keyloggers on users' machines
Search Engine Reveals Worrying Security Holes
A relatively unknown search engine is revealing worrying security vulnerabilities in many corporate systems
Java Zero-Day Offered On Russian Dark Market For $100k
Java zero-days can make as much as $100,000 on the Internet underground, but the buyers will earn even more, RSA analysts tell TechWeek
Adobe Issues Emergency Flash Player Patch
Adobe has issued an emergency patch in order to counter ongoing exploits against its Flash Player
‘Backdoors’ Uncovered In Barracuda Networks Security Gear
Researcher says backdoors remain open in many Barracuda boxes
Hackers Tout Fake Java Patch As Fresh Exploit Sells For Thousands
An exploit sells for a separate flaw to the one that caused havoc earlier this month
Java Zero-Day Sees ‘Mass Exploit Distribution’
The flaw reported yesterday has already escalated and hit mass distribution
Yahoo Mail XSS Vulnerability Still Exploitable After Patch
The patch that didn't patch up much
Yet Another Java Zero-Day Exploited In The Wild
Another year, another Java zero-day
‘Huge’ Ruby On Rails Vulnerability Causes Panic
Rails flaw could be a big issue for thousands of sites, security researchers warn
Microsoft’s Internet Explorer Zero-Day Fix Broken ‘With Ease’
Seems Microsoft's fix is not much of a solution at all
How iPhones Are Being Turned Into Nasty Spyphones
Exclusive: Data shows spy software is hitting iOS more than other platforms, as researchers fret about a false sense of security around Apple's massively popular operating system
Apple iOS 6.0.1 Fixes Security Flaws
Flaws in the iOS kernel, WebKit and Passbook addressed
Mammoth Oracle Patch To Address 109 Flaws
Updates cover plenty of severe vulnerabilities across a broad range of Oracle software
Poll: Do You Love Or Loathe Zero-Day Exploit Merchants?
Exploit sellers are dividing the security industry, but which side do you fall on? Let us know in this poll
Microsoft Patches Browser Hole
Microsoft has released a fix for an Internet Explorer security vulnerability that is being actively exploited by attackers
Another Java Security Flaw Appears After Oracle Patch
Oracle can expect calls for yet another update
Oracle Urged To Patch As Crooks Go Wild For Java Zero-Day Flaw
Oracle keeps quiet on Java zero-day as hackers find various ways to exploit it
Siemens Software Flaw Threatens Critical Infrastructure
US authorities investigate a vulnerability which resembles the one used by Stuxnet
Adobe Issues Second Flash Player Security Update In A Week
Adobe goes on another patching bender
Another Dangerous Tesco Website Flaw Confirmed
The website might be leaky, but Tesco's PR is zipped up tight