Adobe ships critical PDF Reader, Acrobat patch

Tuesday, June 24th, 2008

Adobe has shipped a critical update to patch a code execution vulnerability affecting multiple versions of its Reader and Acrobat products. According to Adobe’s advisory, the flaw “could potentially allow an attacker to take control of the affected system.” If you have Adobe Reader or Acrobat installed on your machine, this update ...

$1B Market for Meddling With DNS Poses Security Problem

Tuesday, June 24th, 2008

The interception of Internet traffic to snoop on phone calls or track surfers' behavior is a hot topic -- but what's keeping members of ICANN's Security and Stability Advisory Committee up at night is the interception of traffic to and from sites that don't even exist. They explained why in ...

Securing Cross Site XMLHttpRequest

Monday, June 23rd, 2008

As I mentioned in my post on Cross Document Messaging, client side cross domain request is an important area of interest for AJAX developers looking for ways to avoid expensive server side proxying calls. While Cross Document Messaging is useful for allowing third party components or gadgets embedded in a ...

Endpoint security holes an open door for attackers

Monday, June 23rd, 2008

Everyone knows that there's no such thing as 100% security, but it's unlikely that most businesses realize how insecure they really are. New research on endpoint security shows just how vulnerable corporate networks are. Eighty-one percent of corporate endpoints probed by IT security and control product vendor Sophos failed basic security ...

Best Security Tools: Free online Web utilities

Monday, June 23rd, 2008

Have you ever needed to PING a host, run trace a Web route, or see what information you're exposing to Internet without having to reconfigure the security on your perimeter devices? Have you tired of having to call your managed security services provider to let them know it's you creating ...