Security News


Chrome Hack Blamed on Adobe

After Monday's news that a French security firm had found a zero-day exploit in Chrome's code, personnel at Google are pointing to Flash as the issue. 

Zero-Day Security Flaws Found In Google Chrome

Vupen, a French security group, claimed today that it found a zero-day exploit of Google’s Chrome Web browser when running on Windows.

Survey: Security Processes Lacking in Corporate Application Development

According to a report by Creative Intellect Consulting, 59 percent of enterprise development teams are not following quality and security processes "rigorously" when developing new software.

Malware Targeting Android Phones Growing

According to researchers at Symantec Corp., Google's Android operating system is increasingly becoming the target of malicious code.

IE 9's Browser Tracking Protection May Be Adoped by W3C

Microsoft's tracking protection approach used in Internet Explorer 9 will be reviewed at the Worldwide Web Consortium.

Oracle Squashes Old Java Runtime Security Bug

Oracle has addressed a long-standing security flaw in the Java Runtime Environment (JRE). Known variously as "the Mark-of-the-Beast," "the Magic Number," and "the Floating Point of Death," the bug causes the JRE to hang when parsing strings like "2.2250738585072012e-308" to a binary floating point number.

Black Hat: How iPhone, Android, Other GSM Phones Are Vulnerable To Attack

A demonstration of an attack against an Apple iPhone at the Black Hat Technical Security DC 2011 Conference in Arlington, Va., demonstrated that software in many GSM-based smart phones contains vulnerabilities that could open the phones to remote exploits.

Report: Hackers Shifting Attention to Mobile Devices

Scammers have set their sights on tablets and smartphones, and away from Windows desktops, in response to rising consumer demand for mobile devices.

Consultant Alleges FBI Had Backdoors Installed into OpenBSD

A former FBI consultant claims the FBI had backdoors installed in the OpenBSD operating system to allow the agency to eavesdrop on virtual private networks used by U.S. attorneys nearly a decade ago.

Microsoft: Java Worse Than PDF as Security Threat

Java should be considered a top software security threat, even more so than Adobe PDF files, according to Microsoft's announcement issued today.

Microsoft Releases Patch for ASP.NET Flaw

Microsoft released an "important" patch to address an information disclosure security vulnerability associated with ASP.NET systems.

Microsoft To Release Out-of-Band Patch for ASP.NET Security Flaw

Microsoft plans to release a patch on Tuesday for a security issue associated with ASP.NET systems.

UPDATED: Security Hack Exposes Forms Authentication in ASP.NET

Flaw in AES encryption allows tool to crack Machine Key values used to encrypt cookies in 30 to 50 minutes. Microsoft offers guidance on limiting exposure.

HP To Acquire Fortify

Hewlett-Packard Co. today said it is acquiring security software vendor Fortify Software Inc. for an undisclosed amount.

Adobe Reader and Microsoft IE Top Web Security Concerns

The majority of Internet security threats come from unpatched vulnerabilities in Adobe Acrobat/Reader and Microsoft's Internet Explorer browser.

IE's Market Share Stabilizes in May

Microsoft's Internet Explorer browser showed a U.S. market share gain in May compared with competing browsers.

U.S. IT Pros Concerned About Cloud Security

Nearly half of U.S. IT professionals surveyed believe that the risks of cloud computing outweigh its benefits.

'Critical' Off-Cycle IE Patch Released

Microsoft today released its second "critical" off-cycle patch for Internet Explorer this year.

IE 8 Hacks Slowed by Windows Safeguards

Even a fire-proof safe needs additional protective measures, and Internet Explorer 8 on Windows 7 is no different.

Google Launches Free SkipFish Tool for Web App Security

Last week Google released SkipFish, a no-cost, open source "security reconnaissance tool" for Web-based applications.

Upcoming Events

AppTrends

Sign up for our newsletter.

I agree to this site's Privacy Policy.