attacker in news
RSS attacker in newsGoogle releases notes on Chrome security fixes
News The critical patches relate to buffer overrun vulnerabilities that could have let a remote attacker execute arbitrary software on a Chrome user's computer, said Mark Larson, a Google Chrome programme manager, in a... [09 Sep 2008]
IE8 unleashed as Microsoft plays Firefox catch-up
News Cross-site scripting allows an attacker to execute script on a user's browser without them knowing. Microsoft released the second public beta for Internet Explorer 8 on Wednesday. If anything, this release brings IE up... [28 Aug 2008]
Ubuntu patches flaw
News A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service. The email also detailed a number of other bugs which could be exploited by an... [26 Aug 2008]
OpenID at risk due to DNS flaw, claims researcher
News Clayton wrote: "The problem that Ben [Laurie] and I have identified is that an attacker can poison a DNS cache so it serves up the wrong IP address for openid.sun.com. Robin Wilton, a corporate architect for federated... [14 Aug 2008]
Microsoft's 'Patch Tuesday' targets six critical flaws
News The vulnerabilities allow an attacker to remotely execute arbitrary code on a system if a user visits a specially crafted web page with affected versions of IE. The vulnerabilities in indexing validation and array,... [13 Aug 2008]
Internet blacklisting tool unveiled
News It is based on DShield researchers' finding that groups of networks share various degrees of common attacker overlap: what the researchers called "correlated victims". Security researchers have taken a page out of... [28 Jul 2008]
Microsoft warns of ActiveX attack targetting Access
News This would provide the attacker with as much access to and rights on the computer as the logged-in user has. An attacker would have to lure a victim, via a link in an email for example, to a specially... [08 Jul 2008]
Corporations riddled with security holes
News Some OpenSSL versions are known to contain several vulnerabilities that could allow an attacker to carry out a denial of service attack or execute arbitrary code on web servers. Successful exploitation of this issue... [19 Jun 2008]
Microsoft boosts stability of Office 2008 for Mac
News This update fixes a vulnerability that an attacker can use to overwrite the contents of your computer's memory with malicious code," Microsoft said on its web site, referring to the Microsoft Office 2004 for Mac 11.4.1... [12 Mar 2008]
'Tamper-proof' chip and PIN terminals hacked
News The PCB has various holes that an attacker can use to insert a conductor into the serial data line, to tap both the PIN and card details. Saar Drimer and Steven Murdoch, overseen by Professor Ross Anderson, managed to... [27 Feb 2008]
QuickTime flaw could fuel Second Life stealing
News Researchers have shown how exploiting a flaw within QuickTime could allow an attacker could steal from other users in Second Life. What Miller and Zovi realised is that while direct communication between an... [18 Feb 2008]
Microsoft's 'patch Tuesday' releases six 'critical' plasters
News Ben Greenbaum, senior research manager at Symantec Security Response, said: "While the batch of critical vulnerabilities all require some sort of user interaction to exploit, the interaction can be as simple as visiting a trusted website... [14 Feb 2008]
Happy 10th birthday Mozilla - there's a bug in your cake
News Insufficient security validation of input file names in the Firefox header lets an attacker order the browser to access files it is not supposed to be able to access. Security from A to Z Click on the links below to find... [25 Jan 2008]
Apple's Tiger and Leopard get patched up
News This includes several flaws that could lead to a remote attacker executing malicious code on a Mac in programs like Address Book, the Safari browser's RSS feed and CUPS (common Unix printing system), among other things. [18 Dec 2007]
Gmail cookie flaw 'puts email at risk'
News From that moment, the attacker can take over the session cookies for Gmail and subsequently forward all the account's messages to a POP account. Petko Petkov of ethical hacking group GNUCitizen has developed a... [27 Sep 2007]
