attack code
RSS attack codeThousands of Hotmail account details posted online
News Hotmail account logins and passwords have been posted to a public forum following a phishing attack. For more, see Phishing attack hits thousands of Hotmail accounts on ZDNet UK. Several thousand users... [06 Oct 2009]
WordPress blogs under spam, malware attack
News The vulnerability allowing the attack was discovered on 11 August, at which point WordPress encouraged users to upgrade to version 2.8.4. The worm can be tough to catch, as Mullenweg explains: "It registers a user, uses... [07 Sep 2009]
Microsoft IIS flaw being exploited in attacks
News According to the advisory, the vulnerability could let somebody run arbitrary code on a server using FTP on IIS 5.0 and conduct a denial-of-service attack using FTP on IIS 5.1, 6.0, and 7.0. A... [07 Sep 2009]
Open source hack could make mobiles vulnerable to prying ears
News It will take 80 high-performance computers about three months to do a brute force attack on A5/1 and create a large look-up table that will serve as the code book, said Nohl, who announced the project at... [26 Aug 2009]
Google plugs two critical Chrome vulnerabilities
News With one attack on Google's V8 JavaScript engine, malicious JavaScript on a website could let an attacker gain access to sensitive data or run arbitrary code on the computer within a Chrome protected... [26 Aug 2009]
Microsoft's Patch Tuesday to fix five critical holes
News Four additional vulnerabilities, rated "important", affect Windows and Windows .NET Framework and could allow an attacker to remotely execute code, launch a denial-of-service attack or elevate system... [07 Aug 2009]
Apple plugs iPhone SMS flaw
News The attack was enabled by a memory corruption bug in all iPhone operating systems. Receiving a maliciously crafted SMS message may lead to an unexpected service interruption or arbitrary code execution. [03 Aug 2009]
MI5 plugs website flaw that left site open to hack attack
News The website suffered a cross-site scripting vulnerability that could have allowed hackers to inject code into the site and redirect users to malicious pages, MI5 admitted on Wednesday. MI5 has closed up a flaw on its... [30 Jul 2009]
Microsoft releases emergency patch to plug critical ActiveX hole
News However, researchers figured out a way to get around the kill bit protection mechanism, thus rendering it ineffective and exposing the system to attack, said Eric Schultze, chief technology officer at Shavlik Technologies. [29 Jul 2009]
'Hack your own Oracle database' tool unveiled next week
News If administrators haven't applied the patches, then the databases were/are vulnerable," he said when asked if the release of his tool will expose companies running Oracle databases to attack. Gates is a member of the... [24 Jul 2009]
Is Chrome ready to shine when it comes to security?
News Chrome has several design features that optimise security: sandboxing, which restricts privileges of key parts of the browser so it's harder to co-opt them for mounting an attack, and multiprocess architecture, which... [23 Jul 2009]
Mozilla unearths critical Firefox 3.5 Just-in-time hole
News The hole could allow a hacker to launch a 'drive-by' attack, according to Mozilla. Proof-of-concept code to exploit the vulnerability has been posted online by a security research group, Mozilla said in... [16 Jul 2009]
Apple goes on a security Safari with browser patches
News This vulnerability could allow a website to execute HTML and scripting code in the security context of another website, in what is known as a cross-site scripting attack. Apple has released an update for... [09 Jul 2009]
Windows Video ActiveX Control at risk from flaw
News When it is used in IE, the control can corrupt the system state in such a way that arbitrary code could be run by an attacker. Microsoft on Monday warned of a vulnerability in its Video ActiveX Control that could allow... [07 Jul 2009]
Why Google's security arm doesn't have a war room
News The playbooks explain how to attack a problem and what to do in case of specific types of events. Postini found that one attack alone, on 18 June, unleashed 50 per cent of a typical day's spam volume in... [02 Jul 2009]
