Oracle has revealed that it is going to fix a total of 40 vulnerabilities in Java SE today, 37 of which can be exploited remotely without a username and password.
Citadel was disarmed of its command and control server, but don’t start relaxing: the owners are still out there and seemingly no computer is safe.
[Update 07/06/2013 13:00 GMT]: Parallels has issued a statement saying that the latest disclosed vulnerability is a variant of an old vulnerability and that the currently supported versions of Plesk, viz. 9.5, 10.X and 11.X, are not vulnerable.
KingCope, a hacker known for many concrete exploits, has published yet another zero-day through the Full Disclosure mailing list – this time for Plesk, a hosting software package made by Parallels and used on thousands of servers across the web.
Security expert Tavis Ormandy has discovered a vulnerability in the Windows kernel which, when exploited, would allow an ordinary user to obtain administrative privileges on the system.
LulzSec member, hacker and activist Jeremy Hammond, who is accused of hacking into Stratfor’s servers and leaking the files thus obtained to WikiLeaks, has pleaded guilty to one count of Computer Fraud.
Security researchers have stumbled upon a new variant of the Pushdo malware, which, despite several takedown efforts, has proved to be quite resilient and stubborn.
The Web Application Security Consortium (WASC) has announced the release of the Static Analysis Technologies Evaluation Criteria – a set of criteria that would enable security professionals involved in the procurement of code analysis technologies to evaluate the technology through a vendor-neutral set of guidelines.
Researchers at McAfee Labs have uncovered a zero-day vulnerability in Adobe Reader that is present in every version of the PDF reader, including the latest Reader XI (11.0.2).