Search

Administrators are being advised to update their systems following the disclosure of a critical vulnerability in PHP. The PHP 8.3.8 updates a potential remote takeover vulnerability in the popular scripting tool. Listed as CVE-2024-4577, the flaw occurs when a server or PC is running in certain ...

Breaking bad and good habits Understanding social engineering is the first step to overcoming it. Danny Bradbury reports Complicated malware infections and cross-site scripting attacks are great techniques to compromise a company, but why use them when you can whisper ...

XML libraries from organizations such as Sun, Apache and Python harbor vulnerabilities that could be exploited in applications based on them, according to a Finnish security firm.The firm, Codenomicon, based in the city of Oulu, said it discovered the vulnerabilities in early 2009 as part of the dev...

A new version of the Opera browser closes several security holes that could have enabled an attacker to execute arbitrary code or launch cross-domain scripting attacks.The new version, dubbed Opera 9.64, fixed an “extremely severe” issue in which specially crafted JPEG images could cause Opera to co...

The internet saw an increase in malicious code that exposed confidential information as online criminals sought to make a profit, according to Symantec.Malware that exposed credit card or banking information represented 74 percent of the top 50 malicious code samples reported to Symantec in the firs...

In an effort to thwart zero-day attacks, 3Com is launching a program that rewards security researchers for finding vulnerabilities.3Com's Zero Day Initiative (ZDI) is designed to help ensure reasonable disclosure of vulnerabilites and improve security for end users and businesses, said David Endler,...

As it continues to offer little IT security guidance and flails in its leadership role on cyber security issues, the Department of Homeland Security is "almost becoming irrelevant."There is the impression now among corporate IT security leaders that DHS specializes in holding meetings on IT security...

VeriSign said it's alerting customers that a big Internet worm may be coming, based on traffic anomalies and other data gleaned at its SOCs (Secure Operations Centers).Engineers said they have noticed increased traffic on port 443 and port 1025 traffic, indicating possible attacks in the works. Also...