SEARCH
Archive
That Big Symantec Antivirus Bug
A Duo Labs analysis of the recent critical vulnerability found in Symantec’s Antivirus Decomposer engine, used in Symantec Endpoint Protection and other Symantec and Norton security products, and discovered by Tavis Ormandy.
DROWN Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in crypto protocols breaks connections and reminds us all that it's long past time to move on from SSLv2.
OpenSSL Provides Another Reminder to Disable SSLv2 (and 3, while you’re at it)
A newly discovered vulnerability in OpenSSL reveals private keys and reminds us all that it's long past time to move on from SSLv2.
Critical Vulnerability Affecting Glibc: Patch Immediately
The Glibc Project has announced a critical vulnerability affecting systems using the glibc DNS client-side resolver, that could, under certain conditions, lead to remote code execution on a system using glibc.