Security Corner:

October, 2008


October 30, 2008  3:13 PM

Clickjacking Attacks Are Ocurring in the Wild

Posted by: Ken Harthun
Browsers, Clickjacking, Firefox, Internet Explorer, Malware, Security

Less than a month after the clickjacking exploit came to light, sporadic reports of users falling victim to the attack are beginning to surface.

October 29, 2008  3:04 PM

Opera Zero-day Vulnerability

Posted by: Ken Harthun
Browsers, Opera, Remote Code Execution, Security bulletin, Zero-day exploit, Zero-day vulnerability

Just as Opera completed patches for critical vulnerabilities in its browser, researchers discovered another remote code execution bug. In its recent article, "Opera scrambles to quash zero-day bug in...

Bookmark and Share     0 Comments     RSS Feed     Email a friend

October 27, 2008  9:29 PM

Software for Secure Computing: Firefox & NoScript

Posted by: Ken Harthun
Browsers, Clickjacking, Firefox, Internet Explorer, Microsoft Windows, Secure Computing, Security

Everyone agrees that it just isn't safe out there on the Wild, Wild, Web and while Microsoft has made huge strides in securing Internet Explorer, the fact that IE continues to use ActiveX scripting technology makes it the least secure browser. I often recommend that people not use IE unless they...

October 23, 2008  8:29 PM

Microsoft Releases Out-of-Band Security Bulletin MS08-067

Posted by: Ken Harthun
Critical update, Malware, Microsoft Windows, Remote Code Execution, Security, Security bulletin, Vulnerabilities

Microsoft just released a critical update for a "privately reported" vulnerability in the server service:

This security update resolves a privately reported vulnerability in the Server service. The...

October 21, 2008  5:00 PM

The Four D’s of Cyber Security: Deny, Discriminate, Detect, & Destroy

Posted by: Ken Harthun
Instrusion prevention, Intrusion detection, Password, Security, Security management

This is an interesting and sensible approach to security.  I would call these the "Logics of Cyber Security" because they're so basic they could well be the principles upon which all cyber security can be based. The paper's authors call them "first principles," defining such as "...a basic...

October 17, 2008  1:26 AM

Beware of E-Mail Scam Targeting Microsoft Customers

Posted by: Ken Harthun
E-mail scam, email, Email security, Security, spam, Trojan

The latest e-mail scam targeting Microsoft customers delivers the Backdoor:Win32/Haxdoor trojan as an attachment. The email looks like this:

Dear Microsoft...

October 8, 2008  12:26 AM

TCP Vulnerable To Low-bandwidth DoS Attack

Posted by: Ken Harthun
Denial of Service, Networking, Security, Vulnerabilities

There's already a frenzy of speculation, analysis and, probably, development of malware surrounding the announcement of SockStress--the proof-of-concept program developed by two Dutch...

October 2, 2008  8:12 PM

Beware Google AdWords Phishing Attack

Posted by: Ken Harthun
Cybercrime, Malware, Phishing, Rootkit, Security

Criminals are targeting Google AdWords customers with phony emails requesting the victim download a 128-bit SSL certificate. A client received this version (there are quite a few variations):


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: