Your search for vulnerabilities returned 1336 results.

Computer Associates is warning customers of yet more flaws affecting a large swathe of its products.

When 3am Labs asked us to review LogMeIn, we were not sure whether it was really appropriate for SC Magazine. The software is primarily a tool for web-based remote access and administration (there is a "network console" version for enterprise administrators, too). But it has a surprisingly broad set of security features, as well as some clever ways to tie down possible vulnerabilities in remote administration.

Security experts are warning that exploits are becoming more common and more dangerous as they begin to affect security products as well as non-Microsoft software.

SonicWALL is well known for its firewalls, but it is now starting to add optional functionality to the range. The model tested came with the extra-cost items of content filtering and anti-virus. Vulnerability assessment is another optional extra, but was not supplied on the review unit.

The Symantec Gateway Security product combines firewall, content filtering and intrusion detection in one rack-mounted system that is 1U high. The content filtering includes anti-virus and anti-spam, plus the blocking of inappropriate content and non work-related surfing. The firewall has all the usual features you would expect from a modern firewall: stateful inspection, packet filtering, NAT, IPsec VPN and full inspection application proxies.

Flaws in data back-up products were among the software problems cited as most serious in a quarterly update of the SANS top 20 most critical vulnerabilities released Monday. Hackers are increasingly taking aim at vulnerabilities in security products rather than operating systems, according to a new report. {Announcement hits Monday}TruSecure Corporation has released a product to help security administrators quickly understand intelligence data from their disparate security solutions and take action where necessary. Cisco Systems revealed five new vulnerabilities in one product line on Thursday. Cisco Systems and Internet Security Systems jointly sued a researcher who presented data on vulnerabilities in Cisco router software at the Black Hat Briefings in Las Vegas. In an effort to thwart zero-day attacks, 3Com is launching a program that rewards security researchers for finding vulnerabilities. Security researchers hit out at database vendor Oracle by releasing details of workarounds for six security vulnerabilities that remain unpatched. Microsoft on Tuesday released patches for three vulnerabilities rated as critical in its monthly security update.

In the Gateway Security product, Symantec has come up with a range of gateway appliances, each of which combines firewall, anti-virus, virtual private network (VPN), content filtering and intrusion detection in one rack-mounted system that is 1U high.

Policy enforcement is only as good as your management system allows, so a serious vulnerability could go unnoticed without prior knowledge of the problem.

Security Expressions allows deployment using no-agent technology to ensure that, once installed on either Windows NT or 2000 systems, the administrator can add machines within a group, that are required to adhere to the policies that pertain to that group.

Qualys has set a worthy goal for security companies to chase throughout 2006: cutting the half-lives of vulnerabilities by one-fifth. The Mozilla Foundation has released a security update for Firefox that fixes critical vulnerabilities reported earlier this week in the open-source browser. The SANS Institute, together with security experts from government and industry, released a list of the most critical internet security vulnerabiliites for the first quarter of 2005. Microsoft has downplayed additional memory corruption vulnerabilities in its Windows metafile image processing. On the second Tuesday of every month, Microsoft releases its latest compilation of security patches, prompting security professionals to quickly evaluate the impact of each on their entire infrastructure, put together a test and implementation plan, and efficiently close up those pesky vulnerabilities before the bad guys can get through. Just like clockwork, right? Don’t we wish!