Archive for the Category ‘Vulnerabilities’

Apple matches Mozilla, patches DLL hijacking bug in Safari

Apple yesterday patched three vulnerabilities in Safari, including one in the Windows version that quashed a bug Microsoft said individual developers had to fix themselves. Apple and Mozilla are the only major browser makers who have patched what most researchers have called “DLL load hijacking.” In the updates to Safari 5.0.2 and Safari 4.1.2, Apple [...]

Jailbreak hole in iOS 4.1 will be hard to close

Just hours after Apple released iOS 4.1 to great fanfare, hardware hackers found a way to jailbreak devices that run the new operating system. More surprising still, there doesn’t appear to be anything Steve Jobs can do to stop them in the near future. The exploit in the boot ROM of iOS devices was first [...]

Cybercrime is Rampant Around the World, Says Study

A new study by security vendor Symantec reports that Internet crime has grown into a widespread problem globally. It also provides intriguing insights into consumers’ lax attitudes toward online piracy, plagiarism, and other illegal or unethical activities. Some 7,000 adults in 14 nations participated in the Norton Cybercrime Report: The Human Impact, which was released [...]

Hackers exploit new PDF zero-day bug, warns Adobe

Adobe today warned users that attacks have begun exploiting an unpatched bug in its popular Reader and Acrobat PDF viewing and creation software. The company issued an advisory on short notice today, saying that it had learned of in-the-wild attacks only on Tuesday. “A critical vulnerability exists in Adobe Reader 9.3.4 and earlier versions for [...]

Microsoft studies report of IE zero-day after disclosure

Microsoft is investigating the public report of a data-stealing vulnerability impacting Internet Explorer 8 (IE8). In a post to the Full Disclosure mailing list, Google security engineer Chris Evans described the issue as a “nasty vulnerability” that could be exploited to allow an arbitrary website to force a user to post a message on a [...]

New Firefox Update Fixes Critical Vulnerabilities

Mozilla has released version 3.6.9 of its popular Firefox Web browser in order to address numerous security issues, many of which are rated as critical. In total, ten of the security advisories bear the critical impact key, but the actual number of patched vulnerabilities is higher since one of them covers “several memory safety bugs [...]

Twitter XSS vulnerability exploited in the wild

Malicious links leading to the download of a malicious JavaScript payload have been popping up on various Twitter accounts, warns Kaspersky’s Stefan Tanase. The payload uses an XSS vulnerability to steal Twitter cookies and transfer them to two servers (one of which is hosted in Brazil). The cookies are then used to hijack users’ sessions [...]

Critical bug in Apple QuickTime ‘took two months to fix’

A critical bug in QuickTime was reported to Apple two months before a second researcher independently revealed the vulnerability this week, the director of a bug bounty program said today. The duplicate discovery was just one of an increasing number of overlapping vulnerability reports that show vendors must patch faster, said Aaron Portnoy, security team [...]

Apple fix for iPhone flaws coming with iOS 4.1

Apple yesterday laid out its plans for the next two upgrades of iOS, the mobile operating system that powers its iPhone and iPad, slating the first for release in a few days. iOS 4.1 will ship sometime next week, Apple CEO Steve Jobs said during an hour-plus introduction of a refreshed iPod lineup and a [...]

Nagios monitoring system 3.2.2 released

Nagios monitors your entire IT infrastructure to ensure systems, applications, services, and business processes are functioning properly. In the event of a failure, Nagios can alert technical staff of the problem, allowing them to begin remediation processes before outages affect business processes, end-users, or customers. Enhancements in version 3.2.2: * Patch to new_mini_epn to allow [...]