Mozilla updates Firefox; Fixes multiple vulnerabilities
Mozilla has patched 10 vulnerabilities in Firefox 2.0 with update 2.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Considering my previous posts on my experiences at Black Hat Federal received pretty good reviews, I thought it would make sense to again highlight a Black Hat trip. This time it was all the way out to Amsterdam, where Rob Carter and I will be speaking about URI Use and Abuse.
In my first post in this series, I discussed the Same Origin Policy and how it protects us from some very serious attacks, the dangers of domain name based trust, and how to attack implementations of the Same Origin Policy within the Java Virtual Machine (JVM). In order to demonstrate these concepts, I used two examples of real-world attacks against the Same Origin Policy implementation within the JVM.
Microsoft has confirmed reports of a vulnerability in Word that allows an attacker to exploit a system via the Microsoft Jet Database Engine, which shares data with Access, Visual Basic and third-party applications. Microsoft in its advisory said the potential for attack is "very limited.
As reported by Robert McMillan and Elizabeth Montalbano at IDG News Service, the Sequoia Voting Systems web site has been hacked and subsequently taken down. Sequoia and its voting system are not new to the news, as it was recently investigated by the Attorney General of New Jersey for "voting discrepancies" in last month's primaries.
Robert Hansen aka R-Snake has posted a very interesting article today over at his blog. As R-Snake states: Whelp, we’ve talked about it, but now it’s finally possible.
Apple on Friday shipped a security update for Aperture 2, iPhoto 7.1.
Microsoft on Thursday acquired Komoku, which provides rootkit detection software, for an undisclosed sum. Komoku's technology will be added to Microsoft's enterprise-focused Forefront and Windows Live OneCare security software.
Apple has patched a denial of service vulnerability in its Airport Extreme Base Station firmware. In an advisory Wednesday Apple said firmware version 7.
3Com on Wednesday officially declared its plan to be acquired by Bain and Huawei dead, saying that it was unable to allay U.S.
Update: Microsoft is NOT at fault for this! There seems to be some confusion within the talkbacks on this subject about this being Microsoft's fault, and also some strange claims that development shops who do only .
The Pwn2Own contest rules were announced recently for CanSecWest '08 coming up next week. Unfortunately, or fortunately (depending on how you look at it), I won't be able to join in the fun as I will be presenting at Black Hat Europe next week, although you can rest assured I'm going to take a stab at the contest from remote!
Apple delivered a security update for Tiger and Leopard Tuesday with at least 80 patches addressing multiple vulnerabilities. You know it's a big patch haul from Apple when you read the advisory and: You're not sure where to begin; You're IMing fellow security folks (Ryan Naraine) to count CVE numbers for some clue of how many patches are included.
Apple on Tuesday patched code execution and cross-site scripting vulnerabilities on Tiger, Leopard, Vista and XP in a Safari update that included 13 patches. Apple historically has delivered patches along with new feature or software updates.
Hannaford Bros., a supermarket chain with stores primarily in the Northeast and Florida, said Monday that it was hit by a data breach that exposed 4.