.png)
Latest News
PHP 5.3.10 Fixes Critical Security Vulnerability
(LiveHacking.Com) - The PHP development team have released PHP 5.3.10 to fix a recently discovered remote code execution vulnerability. The vulnerability is a result of the hash table collisions CPU usage denial-of-service fix which was added to 5.3.9. For that fix the maximum possible number of input parameters was limited to 1000, but because of a bug in the implementation a remote attacker could send a large … [Read More...]
Mozilla Releases Firefox 10 and Firefox 3.6.26 to Address Multiple Vulnerabilities
(LiveHacking.Com) - The Mozilla Foundation has released Firefox 10 and Firefox 3.6.26 to address multiple security vulnerabilities. These vulnerabilities, if exploited, could allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or perform a cross-site scripting attack. Firefox 10 fixes 8 security issues of which 5 are rated as "Critical". A "Critical" … [Read More...]
Symantec Releases pcAnywhere Patch and Declares it Safe to Use
(LiveHacking.Com) - Symantec has released a patch that, according to them, eliminates all known vulnerabilities affecting customers using pcAnywhere 12.0 and pcAnywhere 12.1. This is the latest step (but not the last) in an on going saga about source code stolen from Symantec in 2006. Only last week updated Symantec its “Claims by Anonymous about Symantec Source Code” page to notify its customers that “all … [Read More...]
Millions of WordPress Sites Exposing Potentially Private Photos Due to Misconfiguration
(LiveHacking.Com) - A security researcher has discovered that millions of web sites which run on the popular WordPress blogging plaform are exposing potentially private photos and images due to misconfiguration and a privacy vulnerability in the NextGEN Gallery plugin. The problem is that the NextGEN Gallery plugin allows unrestricted HTTP browsing of its 'gallery' directory and so exposes all the photos which … [Read More...]
Cisco Publishes Advisory About its IronPort Appliances
(LiveHacking.Com) - Cisco has released a security advisory for its IronPort Email Security Appliances (ESA) and IronPort Security Management Appliances (SMA) due to a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. Since the appliances run AsyncOS, a modified version of the FreeBSD kernel they are vulnerable to a Telnet bug (that affects FreeBSD and … [Read More...]
US-Cert Warns of On-going Denial-of-Service Attacks by Anonymous
(LiveHacking.Com) - The United States Computer Emergency Readiness Team (US-CERT), the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS), has issued a warning about on-going distributed denial-of-service attacks against different government institutions both in the USA and in the EU. According to the reports, these attacks are being attributed to the hacker … [Read More...]
Symantec Says Only Use pcAnywhere for Business Critical Purposes
(LiveHacking.Com) - In the on going saga about source code stolen from Symantec in 2006, the company has now updated its "Claims by Anonymous about Symantec Source Code" to notify its customers that "all pcAnywhere 12.0, 12.1 and 12.5 customers are at increased risk" and to "recommends that customers only use pcAnywhere for business critical purposes." It has also published a White Paper discussing the security … [Read More...]
New Version of Opera Released to Fix Cross-site Scripting Vulnerability
(LiveHacking.Com) - Opera 11.61 has been released and it is recommended that all users upgrade to the latest version to benefit from the security and stablilty changes. With regards to security, Opera 11.61 fixes two security issues: An issue where manipulation of framed content can allow cross-site scripting. An issue where script events could be used to reveal the presence of local files. The cross site … [Read More...]
Symantec Releases Hotfix for pcAnywhere
(LiveHacking.Com) - Symantec has released a hotfix for its pcAnywhere product to address multiple vulnerabilities. According to Symantec, pcAnywhere is susceptible to local file tampering elevation of privilege exploits and remote code execution exploits and as a results it is possible to execute arbitrary code on a targeted system as "System". Affected Products: Symantec pcAnywhere 12.5.x IT Management … [Read More...]
4 Key Features of Good Endpoint Security Software
(Live-Hacking.Com) - Data leakage occurs when data that should have never left the physical confines of your company’s brick and mortar walls does, and control of that data is lost. One of the main reasons why this could happen is because companies lack endpoint protection. When a user copies data to their smartphone (think contacts, critical documents that they wish to review while mobile, email … [Read More...]
.png)