Oracle has revealed that it is going to fix a total of 40 vulnerabilities in Java SE today, 37 of which can be exploited remotely without the need of a username and password.
OWASP Top 10, the Open Web Application Security Project’s top 10 most critical web application security risks, has been updated and a new list has been published.
Citadel has been stripped of its command and control server, but don't start relaxing yet: the owners are still out there and seemingly no computer is safe.
[Update 07/06/2013 13:00 GMT]: Parallels has issued a statement saying that the latest vulnerability disclosed is a variant of an old vulnerability and that the currently supported versions of Plesk, viz. 9.5, 10.X and 11.X, are not vulnerable.
KingCope, a hacker known for many concrete exploits, has published yet another zero-day through the Full Disclosure mailing list – this time for Plesk, a hosting software package made by Parallels and used on thousands of servers across the web.
Microsoft, in collaboration with the FBI, has successfully taken down one more botnet, which was known to control millions of PCs across the globe and was allegedly involved in and responsible for bank fraud to the tune of more than $500 million.
Security expert Tavis Ormandy has discovered a vulnerability in the Windows kernel which, when exploited, would allow an ordinary user to obtain administrative privileges on the system.
LulzSec member, hacker and activist Jeremy Hammond, who is accused of hacking into Stratfor’s servers and leaking the files thus obtained to WikiLeaks, has pleaded guilty to one count of Computer Fraud.
An unauthorized access attempt on the Yahoo! Japan portal may have led to the theft of up to 22 million user IDs, Yahoo has revealed.
Security researchers have stumbled upon a new variant of the Pushdo malware, which despite several takedown efforts has proved to be quite resilient and stubborn.
The Web Application Security Consortium (WASC) has announced the release of the Static Analysis Technologies Evaluation Criteria – a set of criteria that would enable security professionals involved in procurement of code analysis technologies to evaluate the technology through a vendor-neutral set of guidelines.
Highly popular enterprise email and workgroup solution IBM Notes/Domino has a huge security vulnerability that allows for installation of spyware on a client system by doing as little as opening an email.
Researchers over at McAfee Labs have uncovered a zero-day vulnerability in Adobe Reader that is present in every version of the PDF reader, including the latest Reader XI (11.0.2).