disclosure vulnerabilities
California Identity Theft Laws & Application Security: AB 1950, SB 1386, and Beyond
White Paper The Cenzic Hailstorm solution helps companies comply with AB 1950, because companies can use automated processes to asses risk, check for vulnerabilities, test code and controls during software development for the... [13 Nov 2009]
Converged Threats on the Security Landscape
White Paper The essence of a converged threat is the combination of viruses, spyware, phishing, spam and other attempts at attack or exploitation of vulnerabilities that can disrupt networks and/or lead to theft or unwanted... [13 Nov 2009]
Cisco wireless LAN: At risk from 'skyjack' attack
News For that reason we do not provide comment on specific vulnerabilities until they have been publicly reported, consistent with our well-established disclosure process. As a matter of policy, Cisco takes... [25 Aug 2009]
iPhone 3.0 patches 46 security holes
News In addition, bugs in Safari could lead to the disclosure of the search history and to successful 'clickjacking' attacks. Independent security firm Secunia ranked the most serious of the vulnerabilities... [19 Jun 2009]
Microsoft's Patch Tuesday unleashes record number of updates
News And Microsoft fixed a moderate vulnerability in Windows Search that could allow information disclosure if a user performs a search that returns a specially crafted file as the first result, or if the user previews a... [10 Jun 2009]
Windows, IE, Word, Office, and Excel all getting patched
News Three important vulnerabilities in Windows could allow an attacker to elevate privileges and one moderate vulnerability in Windows could enable information disclosure. Meanwhile, the six critical... [05 Jun 2009]
As crunch bites: Don't neglect the logs
Comment Failure to adequately protect information and ensure its integrity has not been compromised could also lead to organisations being unable to comply with a growing roster of regulations requiring higher data security standards including:... [05 Feb 2009]
Android security hole gets patched up
News Earlier, Google appealed for what it called "responsible disclosure" of security vulnerabilities - in other words, a grace period to fix problems before they're made public to reduce the likelihood an... [03 Nov 2008]
Internet Security, Vulnerability Disclosure, and Software Provision
White Paper This paper examines how software vulnerabilities affect firms that sell software and consumers that purchase software. In particular, they model three decisions of the firm: an upfront investment in the quality of the... [14 Oct 2008]
'Huge' Apple update plugs 40 Leopard security holes
News The update, released this week, plugs flaws that render OS X Leopard users vulnerable to systems compromises including denial-of-service attacks, information disclosure and remote code execution. Included in the update... [30 May 2008]
Admit to security breaches, companies told
News Full Disclosure campaign silicon.com is aiming to make businesses and government take data security more seriously. Read more here.silicon.com has been calling for such laws under its Full Disclosure... [27 May 2008]
Bugs found in Apple's Safari for Windows
News Maynor, who works for consultancy Errata Security, added that, in line with his company's disclosure policy, he would not report the bugs to Apple. Maynor responded by questioning what he termed "the value in reporting... [13 Jun 2007]
Web 2.0 security warning for business
News If you have policies around content, you can control what's going on, and prevent partial disclosure of financial results, or product design leaks. An attacker can gain access privileges to sensitive page content and... [27 Mar 2007]
More flaws: Bugs hit Firefox, IE
News Regarding the cookie problem, Zalewski wrote in a posting to the Full Disclosure mailing list: "The impact is quite severe. Last week, two other information-disclosure bugs in Firefox were publicised. [19 Feb 2007]
Google fixes Gmail address book flaw
News Adkins said: "Responsible disclosure allows companies like Google to keep users safe by fixing vulnerabilities and resolving security concerns before they are brought to the attention of the bad guys. [03 Jan 2007]
Keep updated for stories matching disclosure vulnerabilities via RSS
