Your Google Chrome Bugs Could Be Worth $500-$1337

Friday, January 29th, 2010

Google has recently launched an "experimental new incentive" that could reward security researchers for their bugs in the Chrome browser (all versions - stable, beta, and dev) or in the open source Chromium project itself.  Their base reward is identical to Mozilla's at $500, but they are offering a higher ...

Microsoft confirms IIS hole

Tuesday, December 29th, 2009

Microsoft has confirmed the security hole in its IIS web server, but hasn't disclosed which versions of the product are affected. According to the finder of the "semi-colon bug", versions up to and including version 6 are vulnerable. The hole allows attackers, for instance, to camouflage executable ASP files as ...

Hackers target unpatched Adobe Reader, Acrobat flaw

Tuesday, December 15th, 2009

Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers. The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs ...

The Penetration Testing Marketplace in 2010

Tuesday, December 1st, 2009

Vulnerability assessment vendor Rapid7 has announced the first of a series of steps to integrate its penetration testing and vulnerability assessment scanning products. The first step is a module that allows users of the Metasploit Framework, which Rapid7 acquired in October, to natively import NeXpose scanner results and then take ...

Clientless SSL VPN Vulnerability

Tuesday, December 1st, 2009

Web browsers enforce the same origin policy to prevent one site's active content (such as JavaScript) from accessing or modifying another site's data. For instance, active content hosted at http:///page1.html can access DOM objects on http:///page2.html, but cannot access objects hosted at http:///page.html. Many clientless SSL VPN products retrieve content ...