News (102)

KDE flaw gives attackers route into Linux

A JavaScript error could allow the commandeering of systems using Konqueror Read more »

Shell scripting flaw opens OS X to attack

A flaw in the way the Mac operating system handles downloaded files with fake file extensions opens the door to all kinds of nastiness. Read more »

DNS disaster: first attacks reported

The first attacks that are likely to have stemmed from a serious Domain Name System flaw have been reported. Read more »

Unpatched IE flaw allows remote attacks

A flaw in Microsoft Internet Explorer's image rendering capabilities may allow attackers to execute code remotely, according to security experts. Read more »

Adobe addresses Flash Player 'clickjacking' flaw

Adobe has addressed a security flaw in its Flash Player products that could lead to 'clickjacking' attacks. Read more »

Flawed Safari browser endangers Windows users

Two security flaws have been found in the recently released Windows version of Apple's Safari browser — despite Apple's attempts to increase the user-base for Safari, its small size will help protect users, say security experts. Read more »

Security flaw discovered in latest Firefox update

Vulnerability researcher Ronald van den Heetkamp published a directory traversal flaw in Firefox version 2.0.0.12, just hours after Mozilla released the latest version of its browser. Read more »

Kaminsky details DNS flaw

Security researcher Dan Kaminsky has offered more details about a fundamental flaw in the Domain Name System and the extent of the vulnerability. Read more »

Microsoft warns of unpatched IE flaw

Microsoft has issued a security advisory for Internet Explorer, after a research firm published a working exploit to demonstrate how attackers could take advantage of the flaw. Read more »

Mozilla fixes critical flaws in Firefox 2.0, Thunderbird

Mozilla has fixed seven vulnerabilities in the latest release of Firefox — SeaMonkey and Thunderbird are also affected. Read more »

Features (5)

Windows' HTML converter vulnerability rated Critical

A problem has been discovered in the way Windows handles HTML file conversion during cut-and-paste. This buffer overrun could allow an attacker to run rogue code. Read more »

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

Watch out for IE Local Zone script injection flaw

A flaw in the way Internet Explorer handles some errors, discovered by security company GreyMagic, could result in an attacker being able to read local files on a system or run various scripting commands. Get the details. Read more »

Bug hunters, software firms in uneasy alliance

Although many software makers promote responsible disclosure, it isn't universally backed by the security community. Critics say it could make security companies lazy in patching. Full disclosure of flaws is preferred. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Blog (1)

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote JavaScript code or, by tapping into Firefox's chrome engine, to execute remote code of any kind. Read more »
