Category Archives: Vulnerabilities

End User Considerations For OpenSSL Vulnerabilities

Heartbleed

OpenSSL vulnerabilities could enable a remote hacker to gain access to sensitive data, including secret keys and authentication credentials, via incorrect memory handling. Some of these vulnerabilities could also cause potential leak of non-encrypted information and DTLS (Datagram Transport Layer

Heartbleed Critical Vulnerability in OpenSSL

Heartbleed

The security community is actively discussing over this week the openssl vulnerability that allows attacker to exploit the Heartbeat TLS and receive 64KB in the RAM memory. The attack can be repeated continuously to get sensitive information from end users

Microsoft to release 4 patches in January

Patch Windows

Microsoft have released the first advance notification for this year with only 4 security bulletins. there is no critical security bulletin but we have one important which is a remote code execution vulnerability.   Windows operating systems, Office and Dynamics

Backdoor Found in Linksys and Netgear

Security researchers found a new backdoor in Linksys WAG200G. The Firmware include a service for remote connection at port 32764 , this allows remote user to get the router configuration settings , including user name , admin password, password for

NSS Labs suggests increasing the cost of zero-days

NSS Labs released a new study looking at the 0day vulnerability market. The research calculated how many exploits purchased through open iDefense Vulnerability Contributor Program (VCP) and HP TippingPoint’s Zero Day Initiative (ZDI). The 2 projects are widely known for

Microsoft released 11 bulletins in December Patch Tuesday

Microsoft issued the last security advisory for this year, 11 security bulletins have been released to address five critical vulnerabilities in Internet Explorer, Windows operating system, Microsoft Exchange and GDI+. The remaining six bugs are rated as important and they

Microsoft Fixes 4 Critical Vulnerabilities in October Patch Tuesday

Over this week Microsoft released the monthly security advance notification. This month we have 8 security bulletins that comes to patch several vulnerabilities in windows operating system, Internet Explorer,. NET, Office, SharePoint and Silver-light. 7 updates are for fixing remote