- Vuln: Mahara Resume Blocktype Cross Site Scripting Vulnerability
- Vuln: Mahara Admin Password Reset Security Bypass Vulnerability
- Vuln: eCryptfs 'parse_tag_3_packet()' Packet Heap Based Buffer Overflow Vulnerability
- Vuln: Cisco VPN Client for Windows 'StartServiceCtrlDispatche' Local Denial of Service Vulnerability
- Vuln: HP OpenView Network Node Manager 'ovdbrun.exe' Denial of Service Vulnerability
- Vuln: PHP Versions Prior to 5.3.1 Multiple Vulnerabilities
- Vuln: KDE KDELibs 'dtoa()' Remote Code Execution Vulnerability
- Vuln: PEAR Sendmail 'From' Parameter Arbitrary Argument Injection Vulnerability
- Vuln: IBM Rational Products Multiple Cross Site Scripting Vulnerabilities
- Vuln: Microsoft Internet Explorer 'Style' Object Remote Code Execution Vulnerability
Search Result
-
Best of Application Security (Friday, Nov. 20)
Category: Network Security & Hacking News/Latest Security News
... Announcing ModSecurity Handbook ESAPI Web Application Firewall released! OWASP Top Ten and ESAPI & Part 2 WhiteHat Security is a leading provider of website security services. Ten of ...Friday, 20 November 2009 -
Interesting Information Security Bits for 11/20/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. Here is a nice post talking about fuzzing with Burp. ClearNet Security ...Friday, 20 November 2009 -
An Ounce of Prevention is Worth a Pound of Cure
Category: Network Security & Hacking News/Latest Security News
... web scanning, etc.) or penetration testing in the past. Because static analysis detects flaws without actually executing the target application, there’s an increased likelihood of finding “noise” ...Friday, 20 November 2009 -
Alpha Software disclosure leads to confusion
Category: Network Security & Hacking News/Latest Security News
... has been a security breach at the Internet Service Provider where our web site is hosted. This may have resulted in your credit card information being compromised. While it is entirely possible that your ...Friday, 20 November 2009 -
Emails regarding updating your mailbox leads to the malware flashinstaller.exe
Category: Network Security & Hacking News/Latest Security News
MX Lab intercepts emails with an embedded URL that leads to a web site where you will have the notice "You don't have the latest version of Macromedia Flash Player." and you can download the file flashinstaller.exe. ...Friday, 20 November 2009 -
Increase in Gumblar backdoors poses FTP credential problems
Category: Network Security & Hacking News/Latest Security News
Security Researcher explains how to detect the Trojan, but many victimized website owners don’t have the technical expertise to fix the problem. Mary Landesman, a senior security researcher at security ...Friday, 20 November 2009 -
PHP “multipart/form-data” denial of service
Category: Network Security & Hacking News/Global Security News
... a large number (15000+) of files. When you send these requests to the web server, the web server collapses and stops responding because it has to process (create & delete) an insane number of files ...Thursday, 19 November 2009 -
Zero-day vulnerabilities in Firefox extensions discovered
Category: Network Security & Hacking News/Latest Security News
One of the reasons behind Firefox's popularity is the availability of a vast library of extensions. Users use them to modify the browser to their liking and make their browsing experience easier and ...Thursday, 19 November 2009 -
Three charged with Comcast.net hijacking
Category: Network Security & Hacking News/Latest Security News
Three men were charged on Thursday for last year's redirecting of traffic of Comcast's website to a site where a shout-out to fellow hackers was featured: Christopher Allen Lewis (aka EBK), 19, a... ...Thursday, 19 November 2009 -
FDA targets rogue Internet pharmacies
Category: Network Security & Hacking News/Latest Security News
The U.S. Food and Drug Administration is pressuring a number of Internet service providers to shut off nearly 12 dozen Web sites alleged to be selling counterfeit or unapproved prescription drugs. The ...Thursday, 19 November 2009 -
Chrome OS is coming, and it is impressive
Category: Network Security & Hacking News/Latest Security News
Today, Google made its first public announcements about Chrome OS, a Linux-derived operating system that it positions as secure and easy to use. I listened in on the Web cast today, and had some initial ...Thursday, 19 November 2009 -
Brute-Forcing Compatibility
Category: Network Security & Hacking News/Latest Security News
Idea came thanks to cktricky from: http://cktricky.blogspot.com/ A bunch of sites on the web give you different pages depending on the browser you use to view it. I know when I was a web developer compatibility ...Thursday, 19 November 2009 -
UK Confused About Piracy
Category: Network Security & Hacking News/Latest Security News
... enforcement powers that allow them to compel ISPs, libraries, companies and schools to turn over personal information about Internet users, and to order those companies to disconnect users, remove websites, ...Thursday, 19 November 2009 -
Malicious Java Applet Poses as Carrie Prejean Video
Category: Network Security & Hacking News/Global Security News
... of the tape became common knowledge. Source: Google Trends Java applets provide everything from interactive features to web applications to advertisements. Since the birth McAfee Labs has observed ...Thursday, 19 November 2009 -
lost+found: Android, botnets, Top 10, CryptoMan
Category: Network Security & Hacking News/Latest Security News
Spyware for Android, understanding botnet protocols, Top 10 vulnerabilities in web applications, Bruce Schneier action figure Spyware for Android, understanding botnet protocols, Top 10 vulnerabilities ...Wednesday, 18 November 2009 -
Google's Chrome OS: A Web appliance, not a PC
Category: Network Security & Hacking News/Global Security News
Developers who want a closer look at the project, however, will get their wish. Effective immediately, Google is releasing the Chrome OS code to the public under an open source license, along with the ...Wednesday, 18 November 2009 -
3 Basic Steps to Avoid Joining a Botnet
Category: Network Security & Hacking News/Global Security News
... a denial of service attack. Unfortunately, the black-hat techniques employed to snare users into a botnet web have evolved to a level that makes them often undetectable by even the most ... Online, the ...Wednesday, 18 November 2009 -
New books: ModSecurity, Snow Leopard, social Web applications
Category: Network Security & Hacking News/Latest Security News
ModSecurity Handbook features an in-depth coverage of ModSecurity, an open source web application firewall. The main highlights are the following: Step-by-step instructions for those just starting... ModSecurity ...Wednesday, 18 November 2009 -
Interesting Information Security Bits for 11/18/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. Adobe offers some guidance on securely deploying cross-domain policy ...Wednesday, 18 November 2009 -
Vuln: WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
WebKit Multiple Remote Code Execution, Denial of Service, and Information Disclosure Vulnerabilities Read Full Article ...Wednesday, 18 November 2009 -
Scareware Campaign Using Google Sponsored Links
Category: Network Security & Hacking News/Latest Security News
... Serving Tweets, Bogus LinkedIn/Scribd Accounts, and Blackhat SEO Farms Fake Web Hosting Provider - Front-end to Scareware Blackhat SEO Campaign at Blogspot This post has been reproduced from Dancho ...Wednesday, 18 November 2009 -
Mozilla locks out rogue Firefox add-ons
Category: Network Security & Hacking News/Latest Security News
Mozilla has made a significant tweak to this Firefox 3.6 code base to block rogue add-ons from loading in the browser's application components directory. Mozilla has made a significant tweak to this ...Wednesday, 18 November 2009 -
Thousands of web pages manipulated in large-scale scareware attack
Category: Network Security & Hacking News/Latest Security News
Google's search engine reportedly plays an important role in the attack, pointing users to compromised web pages when certain search terms are entered. More than 200,000 web pages appear to have been affected ...Wednesday, 18 November 2009 -
Gumblar is back with a vengeance
Category: Network Security & Hacking News/Latest Security News
ScanSafe reported that 29% of all Web malware blocks in October 2009 were the result of Gumblar. This series of website compromises, collectively dubbed Gumblar takes a multi-pronged approach, insta... ...Wednesday, 18 November 2009 -
Data-stealing malware soars
Category: Network Security & Hacking News/Latest Security News
From phony emails to Facebook phishers, cybercriminals are casting a wide net to lure online shoppers this season. According to new research from Webroot, certain infections designed to steal personal... ...Wednesday, 18 November 2009 -
Firefox 3.6 locks down component directory
Category: Network Security & Hacking News/Latest Security News
Extensions to the browser will no longer be able to silently install themselves in Firefox 3.6's component directory. The Mozilla developers say the directory lock down will increase the browser's stability ...Tuesday, 17 November 2009 -
Firefox 3.6 to prevent harmful add-ons
Category: Network Security & Hacking News/Latest Security News
The soon-to-be shipped version 3.6 of the Firefox browser will have a new feature that will make it more stable. It is called Component Directory Lockdown, and it prevents third-party applications (ad... ...Tuesday, 17 November 2009 -
Gumblar botnet on the march again
Category: Network Security & Hacking News/Global Security News
"Gumblar is arguably one of the most insidious threats facing web surfers and web site operators today," said Mary Landesman, senior security researcher at ScanSafe. "Disturbingly, in early November, we ...Tuesday, 17 November 2009 -
China defense ministry site fends off hackers
Category: Network Security & Hacking News/Global Security News
The Chinese defense ministry Web site has been under "non-stop" attack since it launched in August as a gesture of transparency, said the People's Daily, the official paper of China's ruling Communist ...Tuesday, 17 November 2009 -
Two thirds of Brits to shop online for Christmas
Category: Network Security & Hacking News/Global Security News
Furthermore, 12 percent said they use public Wi-Fi networks when purchasing gifts online, even though this can be a security risk. Webroot also said that 52 percent use search engines to find gifts while ...Tuesday, 17 November 2009 -
Grails 1.1 Web Application Development (Paperback) newly tagged "programming"
Category: Network Security & Hacking Products/Programming
Grails 1.1 Web Application Development (Paperback) By Jon Dickinson Buy new: $31.57 Customer Rating: First tagged "programming" by Vyas Sanzgiri "ejvyas" ...Tuesday, 17 November 2009 -
Tales from the other side of helldesk
Category: Network Security & Hacking News/Latest Security News
Today, I was having trouble with a web application. I don't often find myself on the other end of a helpdesk call, but lo and behold here I was. I submitted a screen shot of the error, and the response ...Tuesday, 17 November 2009 -
Interesting Information Security Bits for 11/17/2009
Category: Network Security & Hacking News/Latest Security News
Good afternoon everybody! I hope your day is going well. Here are today's Interesting Information Security Bits from around the web. Leave it to David to be able to use canning and mason jars as an analogy ...Tuesday, 17 November 2009 -
Vuln: ActiveWebSoftwares Active Bids 'default.asp' SQL Injection Vulnerability
Category: Network Security & Hacking News/Security Exploits and Security Patches
ActiveWebSoftwares Active Bids 'default.asp' SQL Injection Vulnerability Read Full Article ...Tuesday, 17 November 2009 -
Vuln: Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities Read Full Article ...Tuesday, 17 November 2009 -
Vuln: Sun Java Web Start Multiple Vulnerabilities
Category: Network Security & Hacking News/Security Exploits and Security Patches
Sun Java Web Start Multiple Vulnerabilities Read Full Article ...Tuesday, 17 November 2009 -
"Your mailbox has been deactivated" Spam Campaign Serving Crimeware
Category: Network Security & Hacking News/Latest Security News
... Best regards, hush.com technical support." Different signatures used: "From Webmail Help Desk; From hush.com technical support; ... An ongoing "Your mailbox has been deactivated" themed spam campaign ...Tuesday, 17 November 2009 -
Massive Scareware Serving Blackhat SEO, the Koobface Gang Style
Category: Network Security & Hacking News/Latest Security News
Ali Baba and the 40 thieves LLC are once again multi-tasking, this time compromising hundreds of thousands of web sites, and redirecting Google visitors -- through the standard http referrer check -- to ...Tuesday, 17 November 2009 -
Thousands of web sites compromised, redirect to scareware
Category: Network Security & Hacking News/Latest Security News
Security researchers have detected a massive blackhat SEO (search engine optimization) campaign consisting of over 200,000 compromised web sites, all redirecting to fake security software, commonly referred ...Tuesday, 17 November 2009 -
How To Hack A Brazilian Power Company
Category: Network Security & Hacking News/Latest Security News
... which meant hackers there were suddenly interested in the subject. And just days later, chatter appeared on Brazilian hacker Websites expressing interest in ONS, the Website of Brazil's national power ...Tuesday, 17 November 2009 -
Internet Archive backs short URL repository
Category: Network Security & Hacking News/Latest Security News
Some of the companies behind web address shortening services have joined together to create an archive of links so that the links continue to work if any of them go out of business. Some of the companies ...Tuesday, 17 November 2009 -
Russian cybercriminals target H1N1 Swine flu fears
Category: Network Security & Hacking News/Latest Security News
... gain visibility and more potential victims. It’s been an evolving process and today there are literally hundreds of malicious affiliate networks touting everything from phony dating websites, porn and ...Tuesday, 17 November 2009 -
Cybercriminals leverage swine flu threat
Category: Network Security & Hacking News/Global Security News
Detailed in a whitepaper entitled "The Partnerka - what is it, and why should you care?", Sophos has looked at underground web affiliates which form networks called the Partnerka, which profits from online ...Monday, 16 November 2009 -
Secure advanced Web server for Unix
Category: Network Security & Hacking News/Latest Security News
Hiawatha is a secure and advanced Web server for Unix. It features a rootjail, the ability to run CGIs under any UID/GID you want, prevention of SQL injection and cross-site scripting, banning of clie... ...Monday, 16 November 2009 -
Component Directory Lockdown – New in Firefox 3.6
Category: Network Security & Hacking News/Global Security News
We hate crashes. When Firefox crashes, we try to get you back on your feet as quickly as possible, but we'd much rather you not crash in the first ...Monday, 16 November 2009