Nearly 80 percent of apps reviewed by HP contained vulnerabilities outside of their source code, indicating that misconfigured software is a growing security problem for enterprises.
IT pros and corporate board members do not speak the same language when it comes to security, which means that security does not get the resources it needs, according to a survey of 350 IT pros in the U.K. conducted by OnePoll on behalf of network security firm RedSeal Networks.
Oracle is releasing a breathtaking 147 security patches on Tuesday, including 36 patches for its much exploited Java software. A full 34 of the Java security holes are remotely exploitable without authentication.
Most of the mobile banking apps examined by IOActive Labs have security vulnerabilities, according to a blog by researcher Ariel Sanchez.
Vulnerabilities in WordPress continue, with the latest example being the website hacking of Canadian internet services company Storm, reports Chris Larsen, a security researcher at BlueCoat.
Mozilla has released security updates for its Firefox browser, Thunderbird email client and Seamonkey cross-platform Internet suite, patching 10 security holes, including five critical flaws.
Oracle is releasing security patches on Tuesday for 90 new vulnerabilities across hundreds of Oracle products, the software giant said in a pre-release announcement for its quarterly critical patch update.
Microsoft's anti-malware software for Windows 8 and RT, Windows Defender, suffers from a security hole of its own, the company warned in its advanced notice for its monthly Patch Tuesday update being released this week.
The number of critical security vulnerabilities is on the decline, but the total number of vulnerabilities is on the rise, according to a security report issued Tuesday by HP. Critical vulnerabilities, defined as those enabling a hacker to gain control of a computer or network, made up 20 percent of total vulnerabilities scored by the Open Source Vulnerability Database, down from 23 percent in 2011, according to the HP 2012 Cyber Risk Report.
Microsoft is fixing a large number of security holes across most of its products this Tuesday as part of its monthly patch schedule, including "critical" vulnerabilities in Exchange server, Windows and Internet Explorer (IE).