Security

Mon
20
Jul
Dennis Faas's picture

Mozilla's Firefox 3.5.1 Addresses TraceMonkey Flaw

Mozilla has released the first minor point release in its Firefox 3.5 series, Firefox 3.5.1. The reason? To fix a critical security flaw within the browser's TraceMonkey JavaScript engine. Rest assured, TraceMonkey itself, despite the suspicious ... name, is not a new Conficker virus or something of the sort. On the contrary, TraceMoney is a tool created by Mozilla that improves the JavaScript web browser performance through something called a just-in-time, or JIT compilation engine. Simply put, JIT compiles code earlier and improves the performance of the Mozilla web browser. Mozilla Tracing ... (view more)

Fri
10
Jul
Dennis Faas's picture

'Browse And Get Owned' Patch Coming Tuesday

Microsoft has revealed it will indeed have a fix for a critical Internet Explorer bug in next week's monthly update. The security loophole means XP users who don't have the latest edition of the browser could be infected even by visiting a ... theoretically safe website. The bug, which Microsoft describes as "browse and get owned," involves the Active X (Direct Show) system used for displaying online videos. The specific function it affects is no longer used, which may be how the hackers found the loophole. The bug affects users of Windows XP, as well as anyone running Windows Server 2003 that ... (view more)

Wed
08
Jul
Dennis Faas's picture

Online Fraud Easier Due to Social Security Flaw

Researchers have discovered that it's easier to predict social security numbers than previously realized. The discovery means giving away too many personal details online is even more dangerous. A report by Carnegie Mellon University, published in ... The Proceedings of the National Academy of Sciences, says that social security numbers were never intended to be used as a way of confirming somebody's identity. Instead they were meant purely as a way of keeping track of an individual's tax and benefit payments. The researchers were investigating a theory that there was a distinct pattern to the ... (view more)

Tue
07
Jul
Dennis Faas's picture

Clear Shutdown Leaves More Than 250,000 IDs in Limbo

The company responsible for creating a database containing thousands of identities collected at U.S. airports has shut down. And so, the question remains: what happens to your personal information when a government-sponsored National ID scheme like ... 'Clear' suddenly shuts down? The fate of more than a quarter million people whose fingerprints, social security numbers, home addresses and other revealing personal information allegedly designed to help hasten traveler clearances at airports is hanging on that question, and even the government doesn't know the answer. (Source: yahoo.com ) Who ... (view more)

Tue
07
Jul
Dennis Faas's picture

ActiveX Security Hole Stumps Microsoft

The recent report of a security hole in Microsoft's Video ActiveX Control appears to have the Redmond-based company stumped. According to insiders, Microsoft is investigating a flaw that targets a component it didn't even realize was still being ... used. Security reports suggest that the vulnerability has already been exploited and that a solution must be produced by Microsoft as soon as possible. The company is investigating and promises to have a fix soon, but in the meantime has revealed that only select operating systems, including Windows XP and Windows Server 2003, are affected. Users of ... (view more)

Mon
06
Jul
Dennis Faas's picture

Conficker Worm Saves Hundreds from Traffic Violations

Since it was first introduced several months ago, the dreaded Conficker worm has been synonymous with wreaking havoc on computers worldwide. Almost no one would ever consider its creation a "good" thing, but that may be changing, if only in one ... isolated incident. Ironically the virus, warned to be harmful to millions of people around the globe, has actually made a few hundred fans in England. The warm reception came following a planned attack on Manchester City Council (MCC). According to the Manchester Evening News, a total of 1,609 traffic tickets could not be issued within the 28 ... (view more)

Thu
02
Jul
Dennis Faas's picture

New Tech to Quash Drive by Downloads, XSS Attacks

Makers of the popular Firefox web browser, Mozilla, are working on new technology that it hopes will remove the threat of Cross-Site Scripting (XSS) attacks that have compromised legitimate websites for years by injecting pages with malicious code. ... XSS vulnerabilities allow hackers to unsuspectingly inject malicious code into pages that persuade users to click on links launching drive-by downloads . Content Security Policy (CSP) to Stop XSS Attacks Drive-by downloads are made possible because content received from a web server's response is treated the same, regardless of whether it's ... (view more)

Wed
01
Jul
Dennis Faas's picture

Harry Potter Movie Targeted by Hackers

Harry Potter fans wanting to illicitly download movies such as 'Harry Potter and the Half-Blood Prince' are being advised to wait until the movie is released. Cybercriminals are reportedly targeting popular peer-to-peer (P2P) networks in order to ... take advantage of fans wanting to download the movie in advance of its screening. When a user comes across optimized, illegitimate links to download the movie, they are baited by offers to watch Harry Potter and the Half-Blood Prince online for "free." When the user clicks the link, they are redirected to an online blog post containing ... (view more)

Mon
29
Jun
Dennis Faas's picture

Malware Peddlers Target Michael Jackson Mourners

While millions of people clamored to hear late-breaking news and updates on the sudden passing of the Prince of Pop, hackers and online deviants around the world rushed to their computers to spread spam and malware to an endless sea of vulnerable ... mourners. Hundreds of cases of malicious messages masquerading as information about Jackson's death were reported Thursday night. The emails claimed to have contained "vital information" about the circumstances surrounding his death, while also asking users to respond in order to become privy to the "secret" details. (Source: infoworld.com ) ... (view more)

Thu
25
Jun
Dennis Faas's picture

Next-Gen Cell Spying: Like Straight out of a Movie

According to reports, the National Security Agency (NSA) has been busted once again for illegal surveillance. Worse yet, it seems the NSA has moved beyond wiretapping land lines to the wireless phone industry, too. (Source: nytimes ) Legal experts ... suggest that collaboration between the wireless phone industry and the NSA runs far deeper than originally thought. There are over 3,000 wireless companies operating in the U.S.; furthermore, the majority of industry-aided snooping is quietly handled by companies that most consumers have never heard of. (Source: cnet.com ) Major Networks Sold Data ... (view more)

Pages

Subscribe to RSS - Security