|
The Dirty Dozen
|
|
12:21 CET on the 25th June 2009. Entry written by Jakob Balle.
|
|
And it only takes one "dirty" program to compromise your PC - but the bad guys got a dozen shots on average!
|
|
|
Secunia PSI: US PCs Have 2,720,800,000 Vulnerable Programs Installed!
|
|
16:37 CET on the 24th June 2009. Entry written by Mikkel Winther.
|
|
Secunia PSI 1.5 released with new features and interesting statistics
|
|
|
Secunia PSI now also in French, Hungarian, Portuguese, and Norwegian
|
|
10:25 CET on the 10th June 2009. Entry written by Mikkel Winther.
|
|
Interested in translating the Secunia PSI to Chinese, Indian, Turkish, Arabic, Finnish, Korean, Bulgarian, Albanian, Punjabi, Georgian, Malaysian, Nepalese, Slovenia, Czech, Thai, Swedish, Japanese, Icelandic, Italian, Romanian, Serbian, Faroese, or any other language?
|
|
|
Monthly Binary Analysis Update (May)
|
|
13:43 CET on the 9th June 2009. Entry written by Carsten Eiram.
|
|
Strap yourself in people for it's time to blog a bit about the most interesting of the 27 analyses issued by the Secunia Binary Analysis Team in May.
|
|
|
Improve Your Security with the Secunia PSI
|
|
11:14 CET on the 28th May 2009. Entry written by Jakob Balle.
|
|
We are proud to announce a new BETA release for the Secunia PSI. This release offers new functionality that will significantly impact how you browse the Internet and how you view and use your Secunia System Score.
|
|
|
Monthly Binary Analysis Update (April)
|
|
15:59 CET on the 12th May 2009. Entry written by Carsten Eiram.
|
|
April yielded 25 issued BA reports with another 0-day vulnerability in Microsoft Office, 8 Microsoft security bulletins, and more vulnerabilities reported in various PDF viewers' JBIG2 implementations, all accompanied by other daringly sexy vulnerabilities.
|
|
|
RSA, Kleenex, and New PSI Initiatives
|
|
12:30 CET on the 6th May 2009. Entry written by Mikkel Winther.
|
|
As some might have noticed Secunia was present at the RSA Conference in San Francisco April 20-24th.
|
|
|
Monthly Binary Analysis Update (March)
|
|
16:53 CET on the 20th April 2009. Entry written by Carsten Eiram.
|
|
March is over with 20 binary analyses issued and due to yet another busy month, I'm again late on issuing this blog.
|
|
|
Secunia Research and BA / Advisories Teams
|
|
14:21 CET on the 3rd April 2009. Entry written by Carsten Eiram.
|
|
I often receive questions about how the different teams in my department work, their responsibilities etc. and thought that I'd blog about it. That way I can just provide people asking these questions with a link in the future - a great example of Secunia efficiency.
|
|
|
Monthly Binary Analysis Update (February)
|
|
16:37 CET on the 11th March 2009. Entry written by Carsten Eiram.
|
|
February is (long) gone and it's therefore time to re-cap on our Binary Analysis feats in the recent month.
|
|
|
Critical Vulnerability Fixed in Adobe Flash Player
|
|
16:19 CET on the 10th March 2009. Entry written by Carsten Eiram.
|
|
Recently, Adobe released a patch, which fixes multiple vulnerabilities for Adobe Flash Player. It turns out that at least one of them is quite nasty and does indeed allow remote code execution in a very reliable manner.
|
|
|
Secunia 2008 Report
|
|
12:01 CET on the 25th February 2009. Entry written by Secunia.
|
|
Secunia is pleased to announce the release of the annual Secunia report for 2008.
|
|
|
Adobe Reader/Acrobat 0-day Clarification
|
|
16:05 CET on the 24th February 2009. Entry written by Carsten Eiram.
|
|
By now, most people should hopefully be aware of the 0-day vulnerability currently being actively exploited in Adobe Reader/Acrobat.
|
|
|
Fighting Vulnerabilities
|
|
14:00 CET on the 13th February 2009. Entry written by Niels Henrik Rasmussen.
|
|
Since the inauguration of Secunia in 2002, we have offered a variety of free community services to aid you in staying secure online.
|
|
|
Monthly Binary Analysis Update (January)
|
|
13:01 CET on the 12th February 2009. Entry written by Carsten Eiram.
|
|
The first month of 2009 is behind us and we started the year out nicely by issuing 29 BAs.
|
|
|
The best new Windows program of 2008
|
|
9:30 CET on the 14th January 2009. Entry written by Mikkel Winther.
|
|
Secunia Personal Software Inspector has been chosen as one of the best new Windows programs in 2008.
|
|
|
Monthly Binary Analysis Update (December)
|
|
15:23 CET on the 9th January 2009. Entry written by Carsten Eiram.
|
|
A new month and year has begun and it is therefore time for me to wrap up the old year with a December update on our binary analysis shenanigans.
|
|
|
Secunia PSI: ¡Habla español!
|
|
12:24 CET on the 17th December 2008. Entry written by Jakob Balle.
|
|
The Secunia PSI 1.0 - now available in Spanish!
|
|
|
Internet Explorer Data Binding 0-Day Clarifications
|
|
12:25 CET on the 12th December 2008. Entry written by Carsten Eiram.
|
|
As everyone using Internet Explorer hopefully are aware of, then there's a new 0-day circulating. There has been a lot of confusion as to both the problem cause and the browser versions affected, but in this blog, I should be able to sort it all out.
|
|
|
1.91% of all PCs are fully patched!
|
|
9:19 CET on the 3rd December 2008. Entry written by Jakob Balle.
|
|
Do you know how many PCs have 1 or more insecure programs installed?
|
|
|
Monthly Binary Analysis Update (November)
|
|
12:31 CET on the 2nd December 2008. Entry written by Carsten Eiram.
|
|
Another month has passed and it's again time for our new initiative with me ranting a bit about the monthly achievements of the Secunia Binary Analysis team.
|
|
|
Secunia PSI 1.0 (Final) has been released
|
|
9:00 CET on the 25th November 2008. Entry written by Niels Henrik Rasmussen.
|
|
Today it finally arrived: The first official version of the Secunia PSI v1.0!
|
|
|
ISS X-Force vs. Trend Micro
|
|
15:34 CET on the 14th November 2008. Entry written by Carsten Eiram.
|
|
IBM ISS X-Force recently reported multiple vulnerabilities in Trend Micro ServerProtect. As Trend Micro claims to have fixed the vulnerabilities, which X-Force disagrees with, X-Force issued a blog as well to clarify some issues.
|
|
|
Monthly Binary Analysis Update
|
|
12:24 CET on the 3rd November 2008. Entry written by Carsten Eiram.
|
|
This month has been quite interesting for the Secunia BA team with a Microsoft Tuesday weighing in at the heavy end of the scale, nicely accompanied by other critical vulnerabilities in e.g. Sun Java System Web Proxy Server, CUPS, Trend Micro OfficeScan, Adobe PageMaker, and OpenOffice to name a few.
|
|
|
Secunia PSI makes patching insecure programs easy for all
|
|
13:57 CET on the 29th October 2008. Entry written by Jakob Balle.
|
|
Its been 4 months since we issued Secunia Personal Software Inspector (PSI) Release Candidate 3 (RC3), we are happy to announce, that as of today, Secunia PSI Release Candidate 4 (RC4) is ready for prime time.
|
|
|
Danish successes in promoting IT security
|
|
15:15 CET on the 27th October 2008. Entry written by Mikkel Winther.
|
|
Secunia participated in a nation-wide campaign focused on updating software on private users PC's in October 2008, in collaboration with The National IT and Telecom Agency, The Danish Bankers Association, Nordea, Danske Bank, TDC and others.
|
|
|
Recap On The Internet Security Suite Test
|
|
16:05 CET on the 17th October 2008. Entry written by Thomas Kristensen.
|
|
The test of the 12 Internet Security Suites published earlier this week has generated a lot of reactions, however, it appears that some have misinterpreted the purpose of the test.
|
|
|
Symantec beats the competition...
|
|
16:00 CET on the 13th October 2008. Entry written by Thomas Kristensen.
|
|
With a mind-blowing detection rate, almost 10 times higher than the nearest competitor, Symantec has beaten eleven other Internet Security Suites by offering a superior detection rate of exploits.
|
|
|
Secunia is part of a nation-wide campaign for promoting patching
|
|
11:12 CET on the 6th October 2008. Entry written by Mikkel Winther.
|
|
In collaboration with The National IT and Telecom Agency, The Danish Bankers Association, TDC and others, Secunia is participating in a nation-wide campaign focused on updating software on private users PC's in October 2008.
|
|
|
One Stop Exploit Shop
|
|
17:08 CET on the 8th September 2008. Entry written by Thomas Kristensen.
|
|
As of today it will be possible for respectable security outfits and certain corporate business units to buy Secunia Binary Analyses, PoCs, and exploits on a "pay as you go" basis through our online shop.
|
|
|
A new face - The same reliable intelligence
|
|
15:59 CET on the 5th September 2008. Entry written by Niels Henrik Rasmussen, CEO.
|
|
6 years ago the first user visited Secunia... Now we have more than 5 million annual visitors and 70.000 daily users of the Software Inspector solutions.
|
|
|
Secunia PSI reaches 500,000 users
|
|
11:05 CET on the 30th May 2008. Entry written by Thomas Kristensen.
|
|
As of today, the number of PSI users hits the 500,000 user mark. That's half a million users, who are informed when a new security patch is available for some of the more than 42 million monitored software installations.
|
|
|
Secunia NSI 2.0 Final Release - try it for free
|
|
13:43 CET on the 2nd May 2008. Entry written by Thomas Kristensen.
|
|
Secunia has released the Secunia NSI 2.0
|
|
|
Free Public Beta test of Secunia NSI version 2
|
|
12:36 CET on the 11th April 2008. Entry written by Jakob Balle.
|
|
Get free instant access to try the new version of the Secunia NSI ? the corporate edition of the popular Secunia PSI.
|
|
|
When does poor design become a vulnerability?
|
|
15:19 CET on the 28th February 2008. Entry written by Thomas Kristensen.
|
|
Lately there has been discussion about some SIP vendors not validating authentication certificates in their PEAP implementation, which can lead to a hacker gaining access to your computer if you inadvertently connect to a malicious server.
|
|
|
A rough 24 hours for Windows users - 81.01% affected
|
|
13:22 CET on the 7th February 2008. Entry written by Thomas Kristensen.
|
|
The last 24 hours have been rough for Windows users. Sun, Adobe, Apple, and Skype have issued security updates - all four vendors correcting security holes that could lead to system compromise.
|
|
|
Secunia PSI Reaches Milestone
|
|
10:43 CET on the 18th January 2008. Entry written by Jakob Balle.
|
|
Late yesterday evening the Secunia PSI reached an important milestone - a quarter of a million users!
|
|
|
Interesting Statistics from the Secunia PSI
|
|
14:58 CET on the 9th January 2008. Entry written by Jakob Balle.
|
|
95 out of every 100 computers that are connected to the Internet have insecure software installed.
|
|
|
Your security: 1 in 5 applications are not patched!
|
|
14:53 CET on the 21st December 2007. Entry written by Jakob Balle.
|
|
More than 20% of all applications installed on users PC's have known security flaws but the user have yet to install the patch provided by the vendor of product
|
|
|
Secunia PSI - Release Candidate 1
|
|
16:24 CET on the 18th December 2007. Entry written by Jakob Balle.
|
|
We are proud to announce the availability of the Secunia PSI Release Candidate 1 (RC-1). Read more about the background and details for this release.
|
|
|
Vendors still use the "legal" weapon
|
|
12:58 CET on the 6th December 2007. Entry written by Thomas Kristensen.
|
|
In these days, one would have believed that vendors have learned the lesson not to threaten with legal actions to withhold and suppress significant information about vulnerabilities in their products.
|
|
|
25% of computers have vulnerable IrfanView installed
|
|
17:30 CET on the 18th October 2007. Entry written by Ina Ragragio.
|
|
The vulnerability is easily exploitable, as it only requires that a user is tricked into opening a specially crafted palette (.PAL) file.
|
|
|
Secunia PSI BETA status after 2 months
|
|
15:48 CET on the 24th September 2007. Entry written by Jakob Balle.
|
|
Despite the facts that the Secunia PSI is a whole new type of IT-security solution for Windows users and it being in BETA testing - the Secunia PSI has achieved the remarkable result of being installed on more than 1 computer every minute on average since its release.
|
|
|
Secunia PSI Public BETA Test
|
|
21:41 CET on the 31st July 2007. Entry written by Jakob Balle.
|
|
More than 30,000 users have already installed and tested the Secunia PSI BETA - Over 2,400,000 applications have been detected and categorised as Insecure, End-of-Life, or Up-To-Date.
|
|
|
28% of all detected applications are insecure
|
|
13:36 CET on the 16th May 2007. Entry written by Jakob Balle.
|
|
Since its release in December of last year, the free, online Secunia Software Inspector has conducted over 350,000 inspections. These inspections have identified 4.9 million popular applications, and out of those, 1.4 million applications were found to be lacking critical security patches from the vendors.
|
|
|
The Secunia Research Team reports another IE vulnerability
|
|
12:09 CET on the 9th May 2007. Entry written by Ina Ragragio.
|
|
The Secunia Research Team doesn't just analyse and test vulnerability reports made by third party researchers. They also conduct research on their own, which is why they're able to identify a rather large quantity of vulnerabilities through in-house research.
|
|
|
Network Software Inspector - BETA Program
|
|
11:52 CET on the 24th April 2007. Entry written by Thomas Kristensen.
|
|
Last December, Secunia released the Software Inspector, a revolutionary tool that changed the way users all across the globe identified missing security updates.
|
|
|
New Internet Explorer 7 Spoofing Vulnerability
|
|
10:36 CET on the 16th March 2007. Entry written by Ina Ragragio.
|
|
There's a new spoofing vulnerability in Internet Explorer 7, one that could again be exploited by web criminals to perform phishing attacks.
|
|
|
Quicktime - Update me and stay vulnerable!
|
|
17:08 CET on the 25th January 2007. Entry written by Thomas Kristensen.
|
|
But now the patch is out, all is forgiven and everyone is happy, because now they can secure their system. Right? WRONG!
|
|
|
Secunia Research finds vulnerability in ActiveX control
|
|
10:07 CET on the 24th January 2007. Entry written by Ina Ragragio.
|
|
The vulnerable component, NCTAudioFile2.dll, was originally developed by NCT Company Ltd. and is known to be present in more than 70 products from 28 different software companies.
|
|
|
Release of Secunia End-of-Year Report
|
|
15:31 CET on the 22nd December 2006. Entry written by Ina Ragragio.
|
|
A 19-page report on some of the more interesting stories from this year, such as the Microsoft 0-day attacks, and the release of our Software Inspector, and some vulnerability statistics from our very own advisory database.
|
|
|
Followup on the Secunia Software Inspector Release
|
|
16:27 CET on the 11th December 2006. Entry written by Jakob Balle.
|
|
We just want to update you on the successful release of the Secunia Software Inspector. During a little more than half a week the Secunia Software Inspector has detected more than 400,000 applications on users systems, tagging one third of them as being insecure!
|
|
|
Secunia Launches the Software Inspector
|
|
13:00 CET on the 6th December 2006. Entry written by Jakob Balle.
|
|
The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor.
|
|
|
Standing up and taking responsibility!
|
|
10:40 CET on the 31st October 2006. Entry written by Thomas Kristensen, CTO.
|
|
Two years, a new release of IE, and still no fix for the "Window Injection" issue. Users are at risk and Microsoft calls it a non-issue.
|
|
|
Welcome to the Secunia "Security Watchdog" Blog
|
|
9:17 CET on the 31st October 2006. Entry written by Secunia.
|
|
Secunia is proud to announce the availability of the Secunia "Security Watchdog" blog. The Secunia "Security Watchdog" Blog will contain our response and opinions when vendors, researchers, articles, or a research paper calls for it.
|
|
