Wednesday, July 9th, 2008
US-CERT and other security experts have warned of a critical design problem affecting all DNS implementations. The Domain Name Service is responsible for converting readable names like www.heise-online.co.uk into the IP addresses that computers can handle, such as 193.99.144.85. DNS is thus the internet equivalent to a phonebook and without ...
Posted in Internet, Privacy, Security | No Comments
Tuesday, July 8th, 2008
Cybercriminals are exploiting a bug in software used by Microsoft's Access database program in a new online attack, Microsoft warned Monday.The flaw lies in the Snapshot Viewer ActiveX control, which ships with "all supported versions of Microsoft Office Access except Microsoft Access 2007," Microsoft said in a security advisory, published ...
Posted in Security, Software, Windows | No Comments
Tuesday, July 1st, 2008
I got forwarded this link today from businesswire about how Google and Yahoo are now going to be armed with the information necessary to look at and extract information out of SWF files. Ho-boy, here we go. The link was sent to me with the “bad juju” caveat, and I’m ...
Posted in Internet, Privacy, Security, Software | No Comments
Tuesday, July 1st, 2008
Sophos announced today that it has published a new white paper describing how businesses can tackle the growing challenge of data leaking by enforcing an acceptable use policy, by applying appropriate controls already available in existing security solutions.
The white paper, entitled "Stopping data leakage: Exploiting your existing security investment", examines ...
Posted in General BS, Internet, Networking, Privacy, Security | No Comments
Tuesday, July 1st, 2008
Our research team has identified a web-based attack technique that exploits the growing number of applications that require a web server being run on a local machine. Cross-Environment Hopping (CEH) is a result of this trend combined with the current limitations in browsers’ same-origin policy access restrictions.
The CEH technique enables ...
Posted in Coding, Internet, Networking, Privacy, Security | No Comments
