Archive for the ‘Software’ Category

Yahoo displays warnings about malware links

Wednesday, May 7th, 2008

Yahoo is to start flagging links to sites that may contain dangerous content. Google has been warning users if a potentially dangerous website is behind the link in the list of hits displayed for some time now. Yahoo is following suit by marking websites that could possibly infect visitors with ...

Webroot plots the end of desktop security

Thursday, May 1st, 2008

Security's rising star, Webroot, plans to offer web and malware filtering as a service to SMBs, the first vendor of any size to offer such a capability in subscription form. The software-as-a-service (SaaS) model, which extends the email filtering service already offered by the company, will appeal to smaller ...

Wireless modem considerations

Thursday, May 1st, 2008

I am pretty sure that there are a number of you out there reading this blog over a wireless network. Given that wireless is so widely distributed these days, it's not uncommon that users are unaware of how insecure their wireless setup may be. Unfortunately one other reality is that a number ...

Security and Virtualization

Wednesday, April 30th, 2008

As the world of virtualization moves forward, organisations are faced with compelling reasons to virtualize: factors like server consolidation, high energy bills, faster hardware, ease of use, and step-back and quick-snapshot technology make the virtual computing realm more attractive. In some organisations virtualization has already become a large ...

WordPress PHP Code Execution and Cross-Site Scripting

Monday, April 28th, 2008

Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a vulnerable system. 1) A vulnerability is caused by improper access restriction of the administration section. This can be exploited to bypass the authentication ...

Lateral SQL Injection

Saturday, April 26th, 2008

How can an attacker exploit a PL/SQL procedure that doesn’t even take user input? Or how does one do SQL injection using DATE or even NUMBER data types? In the past this has not been possible but as this paper will demonstrate, with a little bit of trickery, you can ...

WordPress 2.5 Cookie Forging Explained

Saturday, April 26th, 2008

WordPress 2.5.1 came out recently. It includes a critical security fix for a cookie integrity bug that would allow an attacker to impersonate other users, including WordPress admins, by manipulating the contents of an HTTP cookie. Whenever I read about a vulnerability predicated on the user identity being embedded ...

QuickTime 0day for Vista and XP

Friday, April 25th, 2008

A remote vulnerability exists in the QuickTime player for Windows XP and Vista (latest service packs). Other versions are believed to be affected as well. For now, no details will be released regarding the method of exploitation. Because we are an information security think tank and because we encounter some very ...

Opera boosts its anti-phishing defenses

Friday, April 25th, 2008

Opera 9.5 Beta 2 has stepped up its security game. The browser has added fraud protection and support for EV SSL (Extended Validation Secure Sockets Layer) certificates to help prevent identity theft. Opera’s move to join the EV SSL crowd leaves Safari as the only browser without anti-phishing protection. As you ...

Twitter meets manunkind

Thursday, April 24th, 2008

Well, I finally jumped on that social networking bandwagon called Twitter. I signed up for Twitter about an hour or so ago just to check it out and see what all the hype was about. I know, I'm slow. But they always say that a person hears or sees something ...