Hackers exploit poor website code

Monday, April 14th, 2008

Many of the loopholes left in the code created for websites have been known about for almost a decade say the security researchers. The poor practices are proving very attractive to hi-tech criminals looking for a ready source of victims. According to Symantec the number of sites vulnerable in this way almost ...

Vulnerability in Google spreadsheets allows cookie stealing

Monday, April 14th, 2008

Security researcher Billy Rios has discovered a vulnerability in Google Spreadsheets which attackers can exploit using links to crafted tables to steal a user's cookie. According to Rios, the victim has to follow such a link in Internet Explorer. The stolen cookie can be used to access all Google services ...

ActiveX is least secure plug-in

Monday, April 14th, 2008

ActiveX controls made up most of all browser plug-in vulnerabilities in the second half of 2007, according to Symantec. The company has just released its semi-annual web security report and in it said that Microsoft's technology, primarily used to create add-ins for Internet Explorer, accounted for 79 percent of the 239 ...

Is Outsourcing a Security Risk?

Saturday, April 12th, 2008

The world has a new culprit to blame for the rising tide of software vulnerabilities -- code outsourcing. The trend to outsource the coding of applications is now a major contributor to making business software more vulnerable, a survey-cum-report has claimed. According to analyst group Quocirca, which surveyed 250 IT directors and ...

Hackers Increasingly Target Browsers

Saturday, April 12th, 2008

Threats against browsers are getting more sophisticated and branching out into such exotic areas as gaming, experts told attendees at the recent RSA Conference 2008. New attacks from games and virtual-world Web sites can deliver bot-like control of browsers to attackers, said Ed Skoudis, a security consultant with Intelguardians, speaking at ...