metasploit

(get it in RSS or Atom)

Cybersecurity Awareness Month: 10th anniversary, 10 topical tales

10-tales-250

October 2013 marks the 10th anniversary of the USA's annual Cybersecurity Awareness Month (CSAM).

So we thought we'd come up with 10 topics, in vaguely chronological order, that have burst into our collective security concerns at various times in the last decade.

Microsoft to release an emergency security patch for Internet Explorer zero day flaw

Microsoft will be releasing an out-of-band patch for the recently-disclosed zero-day hole in Internet Explorer.

Find out if you need the patch, and start getting ready now. This one really is critical.

Microsoft advisory: Internet Explorer zero day affects most Windows versions

Microsoft advisory: Internet Explorer zero day affects most Windows versions

A newly discovered and serious security hole in Microsoft’s Internet Explorer web browser affects a wide swath of the company’s Windows and Internet Explorer installations, according to a Security Advisory released by the company late Monday.

Zero-day XML Core Services vulnerability included in Blackhole exploit kit

CVE-2012-1889 code in Blackhole exploit kit

Shortly after our original advisory about the latest zero-day vulnerability in Microsoft XML Core Services (CVE-2012-1889), code to exploit the vulnerability was seen in a Blackhole exploit kit. The start of widespread adoption and panic bells for users?

"One in 256 times *any* password might get you in" - MySQL authentication disaster

"One in 256 times *any* password might get you in" - MySQL authentication disaster

What if your authentication system itself were at fault? You could have the hardest-to-guess password, salted and hashed thousands of times, and still be at risk.

That's what happened to MySQL and MariaDB.

Zero-day Windows exploit - Microsoft issues advisory

Zero-day Windows exploit - Microsoft issues advisory

Microsoft has just published an advisory about a remotely-exploitable zero-day vulnerability in the Windows graphics rendering engine.