Researchers expect attacks to explode once exploit code goes public
Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer (IE) to launch drive-by attacks from malicious Web sites, security researchers said today.
It's the second zero-day vulnerability in the last 60 days
Microsoft today warned of a critical vulnerability in Internet Explorer that is already being exploited by hackers, the second such admission in the last two months.
Google engineer posts sample code to show how to bypass DEP in Windows
The disclosure of a new exploit technique that bypasses an important Windows security feature may result in more successful attacks against Microsoft's newer operating systems, researchers said today.
IBM's latest X-Force report says there are fewer software bugs overall, but many in document and multimedia applications
The number of software vulnerabilities fell overall in 2009, but the number of bugs in document readers and multimedia applications increased by 50 percent, according to IBM's annual X-Force Trend and Risk Report.
The company has discovered that log-in information has been stolen in compromised torrent file-sharing sites
Twitter required some users to reset their passwords on Tuesday after discovering that their log-in information may have been harvested via security-compromised torrent Web sites, the company said.
SOA's strengths turn out to be highly exploitable entry points for attackers
Many organizations are embracing SOA as a way to increase application flexibility, make integration more manageable, lower development costs, and better align technology systems to business processes. The appeal of SOA is that it divides an organization's IT infrastructure into services, each of which implements a business process consumable by users and services.
The flaw has been used in limited attacks since Friday
Adobe is investigating new reports that hackers are attacking a previously unknown bug in the latest version of the company's Reader and Acrobat software.
The zero-day attack was released last week
Nearly a week after an unidentified hacker posted attack code that exploits a flaw in Adobe's Illustrator software, the company says it will fix the issue by Jan. 8.
The code is not as reliable as first thought
Developers of the open-source Metasploit penetration testing toolkit have released code that can compromise Microsoft's Internet Explorer browser, but the software is not as reliable as first thought.
The attack, first released on Friday, is made more reliable
Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.
Exploit code released over weekend for browser attack
Microsoft Monday night issued a security advisory that provides customers with guidance and workarounds for dealing with a zero-day exploit aimed at Internet Explorer.
The zero-day flaw is unreliable, but Symantec expects reliable exploits in the 'near future'
A hacker has posted attack code that could be used to break into a PC running older versions of Microsoft's Internet Explorer browser.
The researcher has developed generic attack code, but is keeping it private.
A Seattle computer security consultant says he's developed a new way to exploit a recently disclosed bug in the SSL protocol, used to secure communications on the Internet. The attack, while difficult to execute, could give attackers a very powerful phishing attack.
The simple problems may have exposed users' data for an unknown length of time
Social-networking sites MySpace and Facebook have apparently fixed coding errors that could have allowed an attacker access to all of their users' data and photos.
Sun releases critical update to Java Runtime Environment
Sun Microsystems and Research In Motion have issued critical bug fixes for security issues with their products.
