Verisign, McAfee and Symantec sites can be used for phishing due to XSS

Monday, June 9th, 2008

Should they all be trusted at first sight by unsuspecting online users? Yes, unfortunately this is the case with the websites of renowned and respected IT security companies. However, now that are all vulnerable to cross-site scripting, the possibilities to get phished and infected with malware and crimeware are dramatically ...

Posted in Coding, General BS, Internet, Privacy, Security | No Comments

XSS Methods Also Seen Being Used in Mass Compromises

Sunday, June 1st, 2008

XSS (Cross-Site Scripting) Very Much Alive and Kicking We were about to investigate further on malicious activities related to banner82(dot)com/b.js but the URL was already inaccessible around Tuesday. Soon enough the malicious script in www(dot)adw95(dot)com caught our interest. A rough survey of the sites compromised by this script reveal that the ...

Posted in Coding, Internet, Security | No Comments

New Adobe Flaw Being Used in Attacks

Tuesday, May 27th, 2008

An unpatched bug in Adobe Systems' Flash Player software is being exploited by online criminals, Symantec reported Monday. Few details on the bug are available, but the flaw lies in the latest version of the Adobe Flash Player browser plugin, which is widely used by Internet surfers to view animated Web ...

Posted in Coding, Internet, Security, Software | No Comments

Facebook security snafu could compromise accounts

Friday, May 23rd, 2008

A researcher has spotted a security problem in Facebook that could lead to hackers taking control of user accounts. The flaw allows a hacker to execute scripts on Facebook that could potentially be used to create a fake log-in page and capture people's passwords, according to the XSSED security blog. The ...

Posted in Coding, Internet, Privacy, Security | No Comments

Firefox developers tinker with new security protections

Tuesday, May 20th, 2008

Developers of the Firefox browser are designing new technologies aimed at protecting users from some of the nastiest and most prevalent forms of website attacks. One protection is designed to minimize end users' risk to cross-site scripting (XSS) attacks and cross-site request forgeries (CSRFs), both of which subvert basic internet security ...

Posted in Coding, Internet, Privacy, Security | No Comments

Previous Entries
Next Entries  
Copyright 2008-2009 PC Sympathy - Entries (RSS) - Comments (RSS) - Sitemap