Almost all Windows users vulnerable to Flash zero-day attacks

Monday, July 27th, 2009

More than 9 out of every 10 Windows users are vulnerable to the Flash zero-day vulnerability that Adobe won't patch until Thursday, a Danish security company said today. According to Secunia, 92% of the 900,000 users who have recently run the company's Personal Software Inspector (PSI) utility have Flash Player 10 ...

Zero-day vulnerability in Adobe Flash Player, Reader and Acrobat

Thursday, July 23rd, 2009

Adobe is warning of a critical security vulnerability in its current Flash Player for Windows, Macintosh and Linux. Adobe Reader and Acrobat 9.x for all platforms are also affected. The vulnerability is already being actively exploited two ways, via crafted PDF documents and manipulated web sites (drive-by downloads). It's reported ...

Shutting Down XSS with Content Security Policy

Tuesday, June 23rd, 2009

For several years, Cross-Site Scripting (XSS) attacks have plagued many of the web’s most popular sites and victimized their users. At Mozilla, we’ve been working for the last year on a new technology called Content Security Policy, designed to shut these attacks down. We wanted to give a bit of ...

‘Ardilla’ Automatically Roots Out SQL Injection And XSS, Generates Attacks

Thursday, June 18th, 2009

Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. The so-called Ardilla tool uses a technique developed by the researchers -- MIT's Adam Kiezun, the University of Washington's Michael Ernst, Stanford's Philip Guo, and Syracuse University's Karthick Jayaraman -- that creates ...

Attacks on SHA-1 made even easier

Thursday, June 11th, 2009

Australian researchers have described a new and faster way of provoking collisions of the SHA-1 hash algorithm. With their method, a collision can be found using only 2^52 attempts. This makes practical attacks feasible and could have an impact on the medium-term use of the algorithm in digital signatures. SHA-1 is ...