A workaround emerged from Oracle as news circulated of a remotely exploitable flaw, without requiring authentication, involving the WebLogic platform.Both the WebLogic Server and WebLogic Express products, acquired by Oracle when the company purchased BEA, suffer from the newly disclosed vulnerability. SANS internet Storm Center said the problem stems from the Apache Connector used by the products. A WebLogic advisory noted the flaw could be exploited without authentication. Sites using Apache servers that are already configured with the mod_security module are protected from this vulnerability by the default core ruleset, according to the advisory. Using mod_security with the WebLogic plug-in for Apache serves as one workaround suggested by Oracle. The other workaround calls for an edit to httpd.conf and a restart: It is possible to configure Apache and avert this vulnerability by rejecting certain invalid requests. To do so, add the following parameter to the httpd.conf file and

Over the past five years, the anti-virus market has experienced tremendous growth as many new technologies have emerged in response to current conditions.What was once a market consisting of very few players has evolved into a multi-billion dollar enterprise consisting of dozens of companies with huge assortment of anti-virus products varying in focus and quality. According to analysts, the global anti-virus market is forecasted to surpass $58 billion by 2010 with the introduction of new technologies in the areas of data loss prevention, virtualization security, security-as-a-service and many others. Despite this growth, the technology behind anti-virus today is highly inefficient when it comes to protecting against modernized threats. This is fueled by the fact that vendors simply can't keep up with all of the new malware surfacing each and every day. The situation has created a breakdown in the quality and effectiveness of their underlying core technology. 1 This problem is evide

Saugus, Massachusetts, USA Oct 3, 2008. As more people are losing money on the internet from expectations for 'Get Rich Quick' schemes, one company has decided to launch a unique project designed to get as many ...

Trend Micro's consumer security product manager has recommend people not to buy antivirus products, including his own.

Coming on the heels of credible accounts of the downfall of first Yahoo's and then Gmail's CAPTCHA, Ars Technica is reporting on Websense Security Labs' deconstruction of the cracking and tuning / exploitation ...

By RED R. SAMAR Setting a new industry standard for speed and performance in security software, top anti-virus maker Symantec Corp.

But the president of the internet Security Advisors Group insists his purpose is to persuade us that the cause of... The full article contains 856 words and appears in The Scotsman newspaper.