Security Corner:

October, 2008

1

October 30, 2008  3:13 PM

Clickjacking Attacks Are Ocurring in the Wild

Ken Harthun Ken Harthun Profile: Ken Harthun

Less than a month after the clickjacking exploit came to light, sporadic reports of users falling victim to the attack are beginning to surface.

October 29, 2008  3:04 PM

Opera Zero-day Vulnerability

Ken Harthun Ken Harthun Profile: Ken Harthun

Just as Opera completed patches for critical vulnerabilities in its browser, researchers discovered another remote code execution bug. In its recent article, "Opera scrambles to quash zero-day bug in...

Bookmark and Share     0 Comments     RSS Feed     Email a friend


October 27, 2008  9:29 PM

Software for Secure Computing: Firefox & NoScript

Ken Harthun Ken Harthun Profile: Ken Harthun

Everyone agrees that it just isn't safe out there on the Wild, Wild, Web and while Microsoft has made huge strides in securing Internet Explorer, the fact that IE continues to use ActiveX scripting technology makes it the least secure browser. I often recommend that people not use IE unless they...


October 23, 2008  8:29 PM

Microsoft Releases Out-of-Band Security Bulletin MS08-067

Ken Harthun Ken Harthun Profile: Ken Harthun

Microsoft just released a critical update for a "privately reported" vulnerability in the server service:

This security update resolves a privately reported vulnerability in the Server service. The...


October 21, 2008  5:00 PM

The Four D’s of Cyber Security: Deny, Discriminate, Detect, & Destroy

Ken Harthun Ken Harthun Profile: Ken Harthun

This is an interesting and sensible approach to security.  I would call these the "Logics of Cyber Security" because they're so basic they could well be the principles upon which all cyber security can be based. The paper's authors call them "first principles," defining such as "...a basic...


October 17, 2008  1:26 AM

Beware of E-Mail Scam Targeting Microsoft Customers

Ken Harthun Ken Harthun Profile: Ken Harthun

The latest e-mail scam targeting Microsoft customers delivers the Backdoor:Win32/Haxdoor trojan as an attachment. The email looks like this:

Dear Microsoft...


October 8, 2008  12:26 AM

TCP Vulnerable To Low-bandwidth DoS Attack

Ken Harthun Ken Harthun Profile: Ken Harthun

There's already a frenzy of speculation, analysis and, probably, development of malware surrounding the announcement of SockStress--the proof-of-concept program developed by two Dutch...


October 2, 2008  8:12 PM

Beware Google AdWords Phishing Attack

Ken Harthun Ken Harthun Profile: Ken Harthun

Criminals are targeting Google AdWords customers with phony emails requesting the victim download a 128-bit SSL certificate. A client received this version (there are quite a few variations):


1

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: