Archive for April, 2008

Common Symptoms Of A Dirty Windows Registry

Monday, April 28th, 2008

A faulty registry is something no computer owner wants to have. Unfortunately though, many of them don't have a choice in the matter, as nearly every Windows registry will receive its fair share of errors. "If that's true, then what's so bad about having a dirty registry?" Well, for starters, ...

Microsoft offers assistance to combat mass SQL injection

Monday, April 28th, 2008

Microsoft has provided security advice to web developers using its products after many such sites were compromised. Last week, hundreds of thousands of web pages were infected with a malicious iframe which tries to infect visitors with a trojan. Many high-profile sites including the United Nations (un.org), the UK ...

Filtering Google Searches By Freshness

Sunday, April 27th, 2008

One of the more useful Google advanced search features is the date filter, which limits results to recent pages. Results can be limited to the past day, week, month, year, etc. Google’s Matt Cutts and GoogleOperatingSystem wrote about it late last year. You can access the search via the URL as ...

Hackers Focus Efforts on Firefox, Safari

Sunday, April 27th, 2008

Many people are switching from Internet Explorer to alternative browsers such as Firefox and Safari. Though that might make them feel more secure, the shift has also opened new doors for bad guys. Case in point: We have no IE bugs to report this month, but both Firefox and Safari have ...

Tweak Firefox’s “Responsiveness” Config Setting

Sunday, April 27th, 2008

Have you ever noticed that sometimes Firefox isn't very responsive while loading a page? As a frequent StumbleUpon user, this behavior grates on my nerves so I went looking for a solution. When Firefox is loading a page it uses one of two modes: There's a high priority mode that doesn't ...

YubiKey - One-time Password and Authentication Device

Saturday, April 26th, 2008

It works seamlessly with any hardware and operating system combination supporting USB keyboards such as Windows, MacOS, Linux and others. The Key generates and sends unique time-variant authentication codes by emulating keystrokes through the standard keyboard interface. The computer to which the Key is attached receives this authentication code character ...

Lateral SQL Injection

Saturday, April 26th, 2008

How can an attacker exploit a PL/SQL procedure that doesn’t even take user input? Or how does one do SQL injection using DATE or even NUMBER data types? In the past this has not been possible, but as this paper will demonstrate, with a little bit of trickery, you can ...

WordPress 2.5 Cookie Forging Explained

Saturday, April 26th, 2008

WordPress 2.5.1 came out recently. It includes a critical security fix for a cookie integrity bug that would allow an attacker to impersonate other users, including WordPress admins, by manipulating the contents of an HTTP cookie. Whenever I read about a vulnerability predicated on the user identity being embedded ...

QuickTime 0day for Vista and XP

Friday, April 25th, 2008

A remote vulnerability exists in the QuickTime player for Windows XP and Vista (latest service packs). Other versions are believed to be affected as well. For now, no details will be released regarding the method of exploitation. Because we are an information security think tank and because we encounter some very ...

Opera boosts its anti-phishing defenses

Friday, April 25th, 2008

Opera 9.5 Beta 2 has stepped up its security game. The browser has added fraud protection and support for EV SSL (Extended Validation Secure Sockets Layer) certificates to help prevent identity theft. Opera’s move to join the EV SSL crowd leaves Safari as the only browser without anti-phishing protection. As you ...