A study finds most software vulnerabilities are reported by IBM, Microsoft and Apple, and Web apps are a leading point of attack.
Next week at the Black Hat conference in Las Vegas, security researcher Joanna Rutkowska promises to demonstrate how a malicious attacker, working remotely, could take control of the open-source Xen virtualization software.
The company issued patches for its OS and server products to address Domain Name Server vulnerabilities.
Reports are coming in that an AT&T Domain Name System (DNS) server may have been compromised with malicious code that exploits a vulnerability reported earlier this month. This apparently is the first instance of the exploit in the wild.
A recently uncovered flaw with the Oracle WebLogic server allows users to gain entry to the software's server without a user name or password.
The company issued a reminder to patch a Domain Name System flaw affecting some Windows products.
Sites such as Facebook, LinkedIn and Blogspot.com represent vectors for attack.
Speculation continues as to what the ultimate systemic Domain Name System (DNS) flaw could be.
The blogosphere is awash with talk about the possible overall weakness of the Domain Name System (DNS) architecture.
The open source software community lags behind the commercial software sector in secure code development, according to a recent study of some commonly used open source packages.
Enterprise security is an expensive proposition, one that's likely to get even more expensive as organizations take further steps to protect themselves.
Microsoft's fiscal fourth-quarter and 2008 year-end financial results were announced in a Webcast on Thursday.
Oracle databases 9i through 11g, Oracle Application Server, Oracle PeopleSoft Enterprise CRM among products patched.
A scan of Web servers by Internet security company Finjan Inc. has found more than 1,000 legitimate Web sites that had been compromised by a new wave of attacks in recent weeks.
Security layer product is designed to help database administrators when databases go unpatched.
Major vendors of domain name system (DNS) servers are making an unprecedented coordinated release of patches for what is being called a fundamental flaw in DNS, a core element of the Internet.
Redmond’s Secure Development Lifecycle requirements aim to counter security defects in the face of recent SQL attacks.
Just two days after the Payment Card Industry (PCI) Security Standards Council announced the deadline for application security compliance and said it would be issuing guidelines for PIN entry devices, court documents have emerged detailing an elaborate plot to hack Citibank's ATM network architecture.
Reported data breaches increased sharply in the first six months of 2008, jumping 69 percent compared to the same period last year, according to a study by the Identity Theft Resource Center (ITRC).
More than 40 percent of Internet surfers don't use browsers with up-to-date security patches -- and IE users are the biggest culprits.