Web Application Security Consortium (WASC) releases 'Threat Classifications' document

WASC has released a web security 'Threat Classifications' document that attempts to help clarify some of the terms used in web security (such as xss, session fixation, insufficient authorization, etc...). Additional information can be found at the link below. http://www.webappsec.org/threat.html

PHP 4.3.8 released to address security issues

PHP 4.3.8 and 5.0.0RC3 were released today to address a few security problems. Users running older versions are urged to upgrade (bla bla bla). PHP Download Page PHP Changelog

IIS 4.0 Buffer overflow discovered and other microsoft patches

Microsoft has released 7 different advisories today. One of the vulnerabilities disclosed was a remote overflow in IIS 4.0.
Looking for something else or having a hard time finding a story? We recently moved things around so please use the search bar on the right!