Mozilla has shipped a high-priority update for Firefox 2, warning that there are at least five serious vulnerabilities that could lead to code execution attacks.With Firefox 2.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Researchers at Secunia have found a "highly critical" vulnerability that puts users of the cross-platform VLC Media Player at risk of remote code execution attacks.The vulnerability is confirmed in version 0.
OK, I'm not going to freak out about this too bad... I've already pointed out enough problems with PCI, but I did find it morbidly entertaining.
When Microsoft's Internet Explorer 8 hits the Beta 2 milestone in August, the browser makeover will feature a full-fledged anti-malware blocker and new protections against some forms of cross-site scripting attacks.The existing phishing filter IE 7 has been renamed SmartScreen Filter and will include blacklist-based blocking of known exploit sites.
The latest high trafficked web site to fall victim into the continuing waves of massive SQL injection attacks courtesy of copycats and the ASProx botnet, is Sony's PlayStation U.S site according to a recent post at SophosLabs's blog :"Researchers at IT security firm Sophos have warned lovers of video games that pages on the US-based Sony PlayStation website have been compromised by hackers.
Password stealing malware targeting popular MMORPGs such as World of Warcraft for instance, has become so prevalent, that video game developers are taking their authentication model a step further, by introducing two-factor authentication into play. And while marketable, is the new authentication layer actually useful in a real life situation?
Stay with me here readers, I'm stringing two stories about McAfee together here, a little out of the ordinary, so I hope it makes sense. If you aren't interested in the tech details (of which there are very little), please do read for a good laugh.
Kelly Jackson Higgins of Dark Reading, reported on research conducted by Joshua Perrymon, hacking director for PacketFocus Security Solutions and CEO of RedFlag Security, who has been performing social engineering exploits for numerous clients in the past year and has apparently stolen thousands of identities with a 100 percent success rate.
The Google security team has released a free, open-source Web app security assessment tool capable of flagging vulnerabilities and potential security threats in Internet-facing applications.The tool, called Ratproxy, is described as a passive Web application security audit tool designed to analyze legitimate, browser-driven interactions with tested Web applications -- to automatically pinpoint, annotate, and prioritize potential flaws or areas of concern on the fly.
According to a new study from researchers at Google, IBM and ETH Zurich, there are about 637 million Google users surfing the Internet with a vulnerable Web browser.Using data from Google search queries and security vulnerability aggregator Secunia, the study (HTML or PDF) found that a whopping 45 percent of Google users "were not using the most secure Web browser version on any working day from January 2007 to June 2008.