Stories by Matthew Broersma

  • Serious flaws found across range of security tools

    Serious vulnerabilities have popped up in several popular security software tools in the past week, namely Sophos Anti-Virus, ClamAV and the network protocol scanner Ethereal. The flaws could allow complete system takeover, according to researchers.

  • Vulnerabilities in Cisco's VOIP system

    Cisco Systems has disclosed that a core component of its enterprise VOIP system is vulnerable to several serious security flaws. The flaws could allow remote attackers to compromise a company's VOIP network, redirect or listen in on calls and carry out other nastiness, according to Cisco and Internet Security Systems (ISS), which discovered the flaws.

  • Flaw threatens Acrobat documents

    Adobe has warned of a serious flaw affecting one of the most widely distributed client applications, Acrobat Reader. The flaw leaves users open to attack via maliciously crafted PDF files, which can be spread via e-mail attachments web page links, and can be used to take control of a system.

  • JavaScript flaw leaves every browser open to attack

    A new browser flaw could allow attackers to trick users into giving up sensitive information such as passwords. The flaw is unusual in that it affects every mainstream browser, and can be exploited on the Mac OS X operating system as easily as on Windows, said security company Secunia.

  • Yankee Group warns of security software vulnerabilities

    Security software is becoming more troublesome than some of the products it is supposed to be protecting, according to new figures from the Yankee Group. The number of vulnerabilities found in security applications has risen sharply for the third year in a row and now outnumbers those in all Microsoft products, according to the research firm.

  • Phishers turn DNS against authorities

    Phishing scammers are cleverly abusing automated "bots" by targeting DNS servers, security experts have warned. The new technique makes it significantly harder to shut down phishing sites.

  • Apple issues monster security patch

    Apple Computer has released its second major security update in as many weeks, fixing 20 bugs in the "Jaguar" version of the Mac OS X operating system. The most serious of the flaws could allow remote attacks, Apple said.

  • Industry reels from IP flaw

    The U.K.'s National Infrastructure Co-Ordination Centre (NISCC) has warned of a flaw in Internet Protocol (IP) that could allow significant attacks on a wide range of products, including routers and Internet software from Microsoft Corp., Cisco Systems Inc., IBM Corp., Juniper Networks Inc. and others.