Monday, April 14th, 2008
Security researcher Billy Rios has discovered a vulnerability in Google Spreadsheets which attackers can exploit using links to crafted tables to steal a user's cookie. According to Rios, the victim has to follow such a link in Internet Explorer. The stolen cookie can be used to access all Google services ...
Posted in Coding, Internet, Privacy, Security, Software | No Comments
Friday, April 11th, 2008
Traditional IDS/IPS systems occur at the network level, usually plugged into a spanning port on a switch. I love this concept and think it should be part of any defense in depth strategy. The two primary weaknesses in these devices are, (1) they cannot process encrypted streams and (2) they ...
Posted in Coding, Internet, Security | 2 Comments
Tuesday, April 8th, 2008
Researcher Dan Kaminsky plans to show how a web-based attack could be used to seize control of certain routers.
Kaminsky has spent the past year studying how design flaws in the way that browsers work with the Internet's Domain Name System (DNS) can be abused in order to get attackers behind ...
Posted in Hardware, Internet, Privacy, Security | 1 Comment
Sunday, April 6th, 2008
As Chris mentioned in a previous post we used social engineering and phishing emails as an attack vector. The scope of the engagement prevented us from collecting any data that could be used to identify the user. The client was not out to make examples of their staff but to ...
Posted in Coding, Internet, Privacy, Security | No Comments
Wednesday, March 26th, 2008
The Mozilla project is distributing version 2.0.0.13 of its popular open source Firefox browser. This release fixes several critical vulnerabilities which could be exploited by attackers to inject malicious code or fake page content.
The browser's JavaScript engine contains several of the security vulnerabilities. Due to incorrect processing, attackers can execute ...
Posted in Internet, Linux, Privacy, Security, Software, Windows | No Comments
Page 14 of 16« First«...1213141516»
