SEARCH RESULTS
 
Showing 1-10 of 321 records
 
Expand article

Vulnerabilities in Antivirus Software - Conflict of Interest

The Article has images
2008-07-24 04:38:07 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Vulnerabilities within security solutions -- antivirus software in this case -- are a natural event, however, the conflict of interests and failure of communication between those finding them and those failing to acknowledge them as vulnerabilities in general, harms the customer. How they get count, and how is their severity measured in a...
 
Tags: vulnerabilities, day vulnerabilities, security vulnerabilities, antivirus software, day vulnerabilities auction, software vulnerabilities, products, runs claims, security products
 
 
 
 
Expand article

Recent Symantec and IBM vulnerabilities, giblets, banned APIs and the SDL

2008-01-04 23:37:00 by sdl in The Security Development Lifecycle
 
...vulnerabilities in various Symantec email security products. The bugs caught my eye for a number of reasons First and foremost, security bugs in security products are always of great interest and concern to me, because customers use security technology to defend themselves from attack Second, I like to analyze security vulnerabilities in...
 
Tags: linker sdl requirements, sdl requirements, ibm, sdl, requirements, symantec, bugs affect ibm, bugs, sdl refers
 
 
 
 
Expand article

Getting vulnerabilities in the application fixed

2007-10-27 13:20:07 by RaviC in Musings on Information Security
 
...vulnerabilities that is detected in the application Let us accept the fact that developers are mostly busy focusing their time and effort on the functionality of application. Most of the time the software development manager gets away by using the busy excuse. One approach that I suggest you could is to rank the vulnerabilities based on...
 
Tags: vulnerabilities, software development manager, vulnerabilities based, risk acceptance form, risk, severitythreat vulnerabilities, form, form acknowledge, application
 
 
 
 
Expand article

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 16:42:40 by HASH0x8940138 in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, top 10 lists, VoIP security trends for 2008 and more Welcome to Blue Box: The VoIP Security Podcast #74, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top
 
 
 
 
Expand article

Blue Box #74: 2008 Crystal Ball Edition, Asterisk and Trixbox vulnerabilities, top 10 lists, VoIP security trends for 2008 and more....

2008-01-08 17:42:39 by Dan York in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, top 10 lists, VoIP security trends for 2008 and more Welcome to Blue Box: The VoIP Security Podcast #74, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the show automatically You may also listen...
 
Tags: trends, vulnerabilities, voip security trends, security, trixbox vulnerabilities, voip vulnerabilities, listener comment line, comment line, top
 
 
 
 
Expand article

What If All Vulnerabilities Had This Disclosure Timeline?

2008-02-07 02:08:33 by Chris Wysopal in Zero in a bit
 
...vulnerabilities in its shipping products. Still, the first disclosure time line is troubling Gleg knew how to reproduce this problem at least a month before yet they didnt tell the vendor, just their customers. Its unclear what benefit Glegs customers get from the vendor not knowing this information unless they use this information to...
 
Tags: vulnerability finders, vulnerability, vulnerability exists, heap overflow vulnerability, gleg realplayer vulnerability, gleg customer, customer, gleg, exploit code
 
 
 
 
Expand article

Blue Box #80: VoIPShield vulnerabilities, what is ethical disclosure?, SIP trunking, VoIP security news, new nomadism, and much more...

The Article has audio podcast
2008-07-15 16:22:35 by HASH0x8b3bcb4 in Blue Box: The VoIP Security Podcast
 
...vulnerabilities, what is ethical disclosure?, SIP trunking, VoIP security news, new nomadism, and much more Welcome to Blue Box: The VoIP Security Podcast #80, a 44-minute podcast from Dan York and Jonathan Zar covering VoIP security news, comments and opinions Download the show here (MP3, 20MB) or subscribe to the RSS feed to download the...
 
Tags: voip, voip security news, voip news australia, voip news, voip security, voip security podcast, voipsa blog site, voipsa, voipshield vulnerabilities
 
 
 
 
Expand article

Covert channel vulnerabilities in anonymity systems

2007-12-10 10:39:42 by Steven J. Murdoch in Light Blue Touchpaper
 
...vulnerabilities in anonymity systems has now been published The spread of wide-scale Internet surveillance has spurred interest in anonymity systems that protect users privacy by restricting unauthorised access to their identity. This requirement can be considered as a flow control policy in the well established field of multilevel secure...
 
Tags: covert, covert channel vulnerabilities, vulnerabilities, network covert channels, covert channels, channels, covert channel, anonymity systems, systems
 
 
 
 
Expand article

Coming Up: NAC Sauces & 1X Vulnerabilities

2008-07-23 04:09:44 by JJ in Security Uncorked
 
...Vulnerabilities: Designing for Security Often, users put too much stake in 802.1X, relying on it too heavily in many circumstances. There are vulnerabilities with 1X, but most can be mitigated or avoided with smart planning. This series describes various vulnerabilities with 802.1X, gives you details on each and provides information on how to...
 
Tags: vulnerabilities, special nac sauce, solution, nac solution, blog post series, technology primer, series describes, happy medium, includes juniper