Monday, April 14th, 2008 Security service provider Secunia has discovered a vulnerability in the ClamAV open source virus scanner. Attackers can foist code on the appliction using manipulated EXE files.According a Secunia advisory, a boundary error in the cli_scanpe() function in libclamav/pe.c can cause a heap-based buffer overflow. Manipulated PE executables (Windows .exe files) ...
Posted in Coding, Security, Software | No Comments
Monday, April 14th, 2008 A new bot can crack defenses erected by Microsoft to keep spammers from creating large numbers of accounts on its Live Hotmail service within seconds, a security researcher said Friday.
Dan Hubbard, vice president of security research at Websense, said the bot broke Live Hotmail's CAPTCHA (Completely Automated Public Turing Test ...
Posted in Internet, Privacy, Security, Software | No Comments
Sunday, April 13th, 2008 Apple is quietly adding several key anti-hacker security features into its flagship QuickTime media player as part of a deliberate plan to reduce the effectiveness of malicious exploits.The XPMs (exploit prevention mechanisms) have been fitted into the WIndows and Mac OS X versions of QuickTime 7.4.5, a new update that ...
Posted in Security, Software, Windows | No Comments
Saturday, April 12th, 2008 The world has a new culprit to blame for the rising tide of software vulnerabilities -- code outsourcing.The trend to outsource the coding of applications is now a major contributor to making business software more vulnerable, a survey-cum-report has claimed.According to analyst group Quocirca, which surveyed 250 IT directors and ...
Posted in Coding, Internet, Security, Software | No Comments
Friday, April 11th, 2008 Traditional IDS/IPS systems occur at the network level, usually plugged into a spanning port on a switch. I love this concept and think it should be part of any defense in depth strategy. The two primary weaknesses in these devices are, (1) they cannot process encrypted streams and (2) they ...
Posted in Coding, Internet, Security | 2 Comments
