Network World - VMware has issued a patch for its VMware View product that fixes a security vulnerability that could allow an unauthorized user to access system files. "VMware View contains a critical directory traversal vulnerability ...
Tags: VMware, security vulnerability, system files, arbitrary files
Medical devices often use commercial PCs and have wireless connections that make them vulnerable to malware, or require software updates for security, but the U.S. may not be doing an adequate job tracking these risks, researchers ...
Tags: Medical-Device Security, security IT, malware, computer technology
Microsoft will "draw a line in the sand" come April 2014 when Windows XP exits support, security researchers said today, even if millions of customers are still running the aged OS and a zero-day bug threatens the Windows ecosystem. Or ...
Tags: Microsoft, Windows XP, OS, Windows ecosystem
Mozilla yesterday took the unusual step of yanking Firefox 16 from distribution just a day after its release. The company said a critical vulnerability triggered the move. The bug was apparently overlooked by Mozilla while it was ...
Tags: Mozilla, yanking Firefox 16, distribution, critical vulnerability
Dutch security researchers hacked an iPhone 4S on Wednesday, showing how a malicious webpage can send all pictures, address book data and browsing history on the phone to a server of the attacker's choice. As participants in the Mobile ...
Tags: Dutch, security researchers, iPhone 4S, Mobile Pwn2Own competition
Microsoft yesterday warned Windows users of possible "man-in-the-middle" attacks able to steal passwords for some wireless networks and VPNs, or virtual private networks. It won't issue a security update for the problem, however. The ...
Tags: Microsoft, Windows users, attacks, passwords, wireless networks, VPNs
Popular online social networking site Tumblr was ravaged on Monday by an Internet worm that spewed racist and inflammatory messages across thousands of user accounts. The malicious hacking group known as GNAA claimed responsibility. The ...
Tags: Blog site, cybercrime, hackers, highlightedpost, Malicious attack
A new tool allows Mac OS X attackers with root OS access to easily steal the keychain password data of logged in users and reinforces the dangers of granting administrative privileges to applications without serious consideration. The ...
Tags: Apple, hackers, Keychain data, Mac OS X
KPN closed a self-service portal for corporate ADSL customers on Tuesday after it discovered that 120,000 of its 180,000 business clients were still using default passwords, all variants of "welkom01," a company spokesman said Friday. The ...
Tags: KPN, ADSL customers, default password
A European aeronautical supplier's website has been infected with a state-sponsored zero-day exploit, according to security firm, Sophos. Business IT administrators and other computer users should use caution in the light of the discovery ...
Tags: European aeronautical supplier, website, Microsoft software
Microsoft refuted claims on Thursday that an information disclosure leak in its Internet Explorer browser poses a privacy risk, arguing that the company publicising the issue is seeking to put its competitors in an unfavourable light. ...
Tags: Microsoft, Explorer browser, web pages, software products
Skype has disabled the account password reset option on its website following reports that the feature can be abused to hijack Skype accounts if the attackers know the email addresses associated with them. Instructions on how to exploit ...
Tags: Skype, potential attacker, password reset, account hijacking method
The most recent update for Mozilla's Firefox web browser has been taken offline one day after release because of a newly discovered security vulnerability. Mozilla has not indicated how many users could be vulnerable, but claims that ...
Tags: Firefox, Mozilla, web browser, Explorer
Security researchers have discovered a new vulnerability in all supported versions of Oracle Java that enables attackers to bypass sandbox defences. The vulnerability, which affects Java Standard Edition versions 5, 6 and 7, can be used ...
Tags: Java Flaw, Bypass Sandbox, vulnerability, Security Explorations
Details of further Java exploits are coming to light,while Oracle has still yet to release a fix for its customers. Since Computing reported on Michael Schierl's research into the Java 7 exploit,Immunity Products'Esteban Guillardoy has ...
Tags: Oracle, Java exploit, security bug, patch