Security Bytes:

Security Management


February 5, 2008  10:00 AM

Microsoft completes Vista SP1, but hold the excitement



Posted by: Leigha
Application Security, Information Security Threats, Microsoft Security, Network Security, Platform Security, Security Management

Splashed across the Windows Vista Team blog is a message from Mike Nash declaring that Windows Vista SP1 has been released to manufacturing, which means it'll start being...

February 1, 2008  11:29 AM

Why StopBadware.org hates RealPlayer



Posted by: Leigha
Application Security, Information Security Threats, Laws, Investigations and Ethics, Network Security, Security Management

Here's something that didn't surprise me in the least: Stopbadware.org has added the immensely popular RealPlayer to its hit list of misbehaving apps. The group's problem is that RealNetworks doesn't sufficiently disclose that its media player is bundled with adware programs. Here's the details...


January 29, 2008  9:10 AM

Metasploit gets a facelift



Posted by: Leigha
Application Security, Information Security Threats, Network Security, Platform Security, Security Management

HD Moore has just released an upgrade for his popular Metasploit attack application, complete with a new Windows interface that will allow more researchers to use it. Moore says in his Metasploit blog that Version 3.1 features a graphical user interface,...


January 24, 2008  7:57 AM

Cisco plugs security holes in PIX, ASA



Posted by: Leigha
Information Security Threats, Network Security, Security Management

Cisco has delivered a security update for flaws in its popular PIX 500 Series Security Appliance (PIX) and 5500 Series Adaptive Security Appliance (ASA). Says Cisco: "A crafted IP packet vulnerability exists in the...


January 16, 2008  8:30 AM

Happy Valentine’s Day from the Storm Trojan



Posted by: Leigha
Application Security, Data Breaches and Identity Theft, Information Security Threats, Microsoft Security, Network Security, Platform Security, Privacy, Security Management

Valentine's Day isn't for another month, but that's not stopping controllers of the Storm Trojan from using the holiday theme to trick users into downloading the malware. A posting on the SANS Internet Storm Center Web site describes...


January 16, 2008  8:21 AM

Apple plugs flaws in QuickTime, iPhone



Posted by: Leigha
Application Security, Information Security Threats, Platform Security, Security Management

Apple has released security updates for critical flaws in its popular QuickTime media player and the iPhone. Apple announced the release of QuickTime 7.4 to address flaws attackers could exploit to run malicious code on targeted...


January 11, 2008  8:01 AM

Another day, another QuickTime zero-day



Posted by: Leigha
Application Security, Information Security Threats, Security Management

Here we go again ... Vulnerability researcher Luigi Auriemma has reported an Apple QuickTime flaw attackers could exploit to hijack targeted machines. The problem is a boundary error in how RTSP replies are handled, and it can be exploited to...


January 11, 2008  7:45 AM

Oracle plans 27 security updates Tuesday



Posted by: Leigha
Information Security Threats, Network Security, Platform Security, Security Management

Oracle released an advance bulletin for the Critical Patch Update (CPU) it has planned for Tuesday. If all goes to plan, DBAs are looking at 27 fixes across the database giant's product...


January 10, 2008  11:31 AM

Storm goes phishing



Posted by: Leigha
Application Security, Data Breaches and Identity Theft, Information Security Threats, Network Security, Platform Security, Security Management

The Storm Trojan and related botnets have become so huge and prolific in its social engineering tricks that it's almost becoming easy to overlook some of what it is up to. The file on this one is getting so thick it's getting harder to keep up with each new page. But here's something that stands...


January 8, 2008  9:32 AM

Security update for VMware ESX Server, VirtualCenter



Posted by: Leigha
Information Security Threats, Security Management

VMware has released a hefty security update to address flaws in the VMware ESX Server and VirtualCenter. Attackers could exploit the flaws to perform actions with escalated privileges, cause a denial of service or...


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: