Blogs | Page 62
Office 2007 May Have Taken Its First Hit
By Lisa Vaas | Posted: 2007-02-23
And so it begins anew: Microsoft's security problems.
In what looks to be the first remotely exploitable bug in an Office 2007 application, Microsoft is now working with eEye Digital
... Read More
... Read More
Browsers Take a Bruising
By Lisa Vaas | Posted: 2007-02-23
Polish hacker Michal Zalewski has found yet another flaw in Mozilla's Firefox browser, this one having to do with memory corruption and possible system takeover. While he was at it, he also found an IE flaw
... Read More
... Read More
Trend Micro: The Only Anti-virus (and Vulnerability-Stricken!) Biggie on MS' Certified for Vista List
By Lisa Vaas | Posted: 2007-02-22
Why is it the only one there? It sure isn't because of its track record of popping up in US-CERT for vulnerability warnings, at least as of
... Read More
... Read More
Cisco's Sad Thursday: Phone Flaws and 802.1X Hiccups
By Lisa Vaas | Posted: 2007-02-22
Cisco yesterday posted two security advisories: one on certain Cisco Unified IP Conference Station and IP Phone devices that contain vulnerabilities that may allow unauthorized
... Read More
... Read More
Botnet Attack Features Cozy User Interface for Attacker
By Lisa Vaas | Posted: 2007-02-21
Websense Security Labs researchers have caught a somewhat rare insight into an interface used by an attacker to control infected systems in a bot network.
Websense
... Read More
... Read More
Flaw in Open-Source Snort Can Lead to Buffer Overflow
By Lisa Vaas | Posted: 2007-02-21
The open-source Snort intrusion detection and prevention system and Sourcefire Intrusion Sensor IDS/IPS are vulnerable to a stack-based buffer overflow, which can result in remote code
... Read More
... Read More
Updated: Latest IE Thing: It's Not a Bug, It's a Feature
By Lisa Vaas | Posted: 2007-02-20
Microsoft has another IE vulnerability on its hands. But is it a flaw, or is it a feature?
IE's been having a miserable time of late, starring in scads of headlines about security flaws.
... Read More
... Read More
Bogus E-Mail Delivers Keylogger by Luring Users with News of PM's Heart Attack
By Lisa Vaas | Posted: 2007-02-20
Websense Security Labs is reporting a Trojan packed into an e-mail that claims that Australia's Prime Minister has suffered a heart attack.
Websense
... Read More
... Read More
Did MS' Malware Protection Engine Stall?
By Lisa Vaas | Posted: 2007-02-16
How embarrassing is this: a fix for a bug in Microsoft's Malware Protection Engine, used by security products including Windows Defender, OneCare and Antigen in malware scanning, tucked into
... Read More
... Read More
Researchers Dig On New Anti-Worm System
By Matthew Hines | Posted: 2007-02-16
Earlier this week, researchers at Penn State University issued a report about a new software system they say can better defend against Internet worm viruses.
And while much more attention
... Read More
... Read More
Wireless Hacking Tool Makes Splash at RSA
By Matthew Hines | Posted: 2007-02-08
Among the most intriguing technologies being shown off at this year's ongoing RSA Conference in San Francisco is a mobile penetration testing application made by Miami Beach, Fla.-based
... Read More
... Read More
NFL Team Fields Prevent Defense for Virtual Playbooks
By Matthew Hines | Posted: 2007-02-02
With Super Bowl XLI preparing for kickoff in Miami on Sunday, NFL teams not participating in the game, which pits the Chicago Bears against the Indianapolis Colts, are still
... Read More
... Read More
Microsoft Confirms Zero-Day Word Flaw
By Matthew Hines | Posted: 2007-02-01
Microsoft has confirmed that a vulnerability being used in a wide number of targeted zero-day attacks is an unpatched flaw in its Word program.
According to a post on Symantec's Security
... Read More
... Read More
Apple Plugs First MoAB Hole
By Ryan Naraine | Posted: 2007-01-23
Apple has shipped a high-priority update for its QuickTime media player to correct a flaw exposed during the controversial MoAB (Month of Apple Bugs) project.
Mysterious Excel Flaw Warning Appears
By Ryan Naraine | Posted: 2007-01-09
A security advisory for a "critical" Microsoft Excel vulnerability has been posted on Fortinet's Web site, but the absence of adequate documentation puts the issue under a cloud of mystery.























