Firefox Extension Blocks Dangerous Web Attack

Wednesday, October 8th, 2008

A popular free security tool for the Firefox browser has been upgraded to block one of the most dangerous and troubling security problems facing the Web today. NoScript is a small application that integrates into Firefox. It blocks scripts in programming languages such as JavaScript and Java from executing on untrusted ...

Fake SSL Certificates Seen Again

Wednesday, October 8th, 2008

Online banks use cryptographic protocols to secure the exchange of information on the Web, and hackers do not hesitate to adapt to this technology too. A new case of fake SSL (Secure Sockets Layer) certificates appeared again, following phishing threats we’ve seen last April and May. This time, the website of ...

Net game turns PC into undercover surveillance zombie

Tuesday, October 7th, 2008

Underscoring the severity of a new class of vulnerability known as clickjacking, a blogger has created a proof-of-concept game that uses a PC's video cam and microphone to secretly spy on the player. The demo, which is available here, appears to be a simple game that tests how quickly a user ...

How to Root Out Bots in Your Network

Thursday, October 2nd, 2008

Even routinely clean antivirus scans can’t hide the dirty little secret more enterprises are facing today: Some of their client machines are members of botnets. That’s why Matt Sergeant, senior anti-spam technologist for MessageLabs Ltd. , hopes to educate some large organizations and ISPs on how to detect and clean up ...

All Major Browsers Vulnerable To Clickjacking

Monday, September 29th, 2008

Security research sites are buzzing about a new attack description called "clickjacking." The descriptions are still pretty vague, but they are scary enough that US Cert has weighed in and browser vendors are reported to have patches in the works. The basic description of the attack is that it allows the ...