-
Oracle accidentally exposes flaw, exploit
A database researcher says details about a high-risk privilege escalation vulnerability were mistakenly posted on Oracle's MetaLink site last week. There's no patch, but there are workarounds. Article
-
Security Blog Log: Nash, still at helm, addresses IE fixes
With big updates in store for Internet Explorer, outgoing security chief Mike Nash uses Microsoft's security blog to address concerns. Column
-
Third-party fixes available for IE flaw
The unofficial work-arounds for the createTextRange flaw suggest the security community doesn't like waiting for Microsoft to address potentially dangerous vulnerabilities. Article
-
Microsoft investigates two IE flaws
Attackers could use the latest security holes to cause a denial of service or launch malicious code. Proof-of-concept exploit code has been written for one flaw. Article
-
Adobe fixes critical Macromedia flaws
Flash, Shockwave and other multimedia products could leave systems vulnerable to attack via a malicious Shockwave Flash object file. The vendor recommends users update immediately. Article
-
Security Wire Weekly: Sourcefire update, new Symantec report, bruised Apple and infosec pros unstain
This week's podcast features Forrester's Paul Stamp on Check Point's beleaguered Sourcefire acquisition, plus details on a new Symantec report, Apple's latest black eye and why BlackBerry never squeezed security pros. Listen on your PC or download to... News
-
Attacks driven by love of money
Symantec's latest threat report shows digital desperadoes are exploiting Web application flaws and using "modular" malcode to launch lucrative attacks. Article
-
State-based attacks: Session management
In this excerpt from Chapter 4 of "How to Break Web Software: Functional and Security Testing of Web Applications and Web Services," authors Mike Andrews and James A. Whittaker identify session management techniques Web developers should use to prote... Book Chapter
-
Content Spoofing
This excerpt from "Preventing Web Attacks with Apache" explains how content spoofing attacks exploit vulnerabilities and how to use Apache to protect against them. Book Chapter
-
Man-in-the-middle attacks
This excerpt from Chapter 2 of "Securing Storage: A Practical Guide to SAN and NAS Security" examines how man-in-the-middle attacks affect Fibre Channel security and examines how to determine if your organization is at risk. Book Chapter