Vendors/Products
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Tuesday turned out to be a busy day for browser makers. The three major vendors in the space
As the zero days in Adobe Flash continue to pile up, Mozilla has taken the unusual step of disabling by default all versions of Flash in Firefox.
Google has reduced spam reaching inboxes to a fraction of a percent, but in the process sometimes misclassifies bulk-mailed messages like monthly statements and ticket receipts. It
Mozilla has rolled out a new version of its Firefox browser, an update that includes patches for four critical security vulnerabilities and several less-severe bugs. IN all, Firefox 39 patches 13 vulnerabilities, including two high-risk bugs and six moderate-level ones. The most dangerous vulnerabilities, however, include a pair of use-after-free bugs in one part of the browser and another in a separate component, as well as a number of memory corruption flaws.
A fix has been released for a vulnerability in a widely used piece of code in Android devices, which could cause apps to crash or display unwanted dialog boxes.
A security flaw in a common Unix software component remains unpatched in one of the most popular Linux distributions, more than a year after an official fix was published.
Shortly after this article was posted, WordPress released version 4.2.1, flagging it as a critical update. Website owners are encouraged to update immediately, and automatic updates have started to roll out. More information is here.
The maintainers of WordPress announced a new version for the blogging platform, which is considered a critical security release that addresses a highly important cross-site scripting (XSS) vulnerability.
With the release of Chrome 42 this week, Google fixed more than 40 vulnerabilities. But the most significant security change in the new browser is Google
As mentioned in an update to my post on the HNAP bug in the DIR-890L, the same bug was reported earlier this year in the DIR-645, and a patch was released. D-Link has now released a patch for the DIR-890L as well.
In a long SEC filing from today, PayPal states that its merchants can now begin accepting Bitcoin. As the original text to the filing reads: A merchant can typically open a standard PayPal account and begin accepting payments through PayPal within a few minutes. Most online or mobile merchants can onboard quickly and are not required to invest in new or specialized hardware.
MongoDB, a popular NoSQL database used in big data and heavy analytics environments, has patched a serious denial-of-service vulnerability that is remotely exploitable.
More vulnerabilities were discovered in Google Chrome last year than any other piece of core internet software
Hold the logo and the dedicated website; the anticipated high-severity OpenSSL vulnerability is serious, but it
Mozilla has issued a hot fix for Firefox that removes the Superfish root certificate from the browser
Imagine for a moment the following scenario: you're the manager for a busy bank branch in a major city. You come back from lunch and are told by one of your employees that someone from corporate IT dropped by to check on a reported problem with a branch PC.
There are two memory corruption vulnerabilities in some versions of the VLC open-source media player that can allow an attacker to run arbitrary code on vulnerable machines.
A spat between Google and Whitehat Security has erupted after engineers at the search giant revealed dangerous vulnerabilities found in the latter's anti-Google privacy-centric Chrome spin-off browser.
Signal transmission firm Belden has agreed to buy security tools firm Tripwire for $710m in cash. The deal, announced Monday, is expected to close in the first quarter of 2015, subject to customary closing conditions.
Google has released Chrome 39, fixing 42 security vulnerabilities and removing support for the fallback to SSLv3, the component that was the target of the POODLE attack revealed last month.