News (57)

Microsoft: Vista UAC designed to 'annoy users'

A Microsoft manager has said one of the security features in Vista was deliberately designed to "annoy users" in order to put pressure on third-party software makers to make their applications more secure. Read more »

Google fixes Web site security bug

Google has fixed a security flaw on its Web site that opened the door to phishing scams, account hijacks and other attacks, security researchers said on Monday. Read more »

Berners-Lee: Web security still a fight

Sir Tim Berners-Lee, credited as the inventor of the Web, has described online security as a "never-ending battle". Read more »

Flaw leaves Windows open to Java attack

Microsoft has warned of three flaws affecting its software, the most serious of which would allow an attacker to gain full control of a PC using Java applets. Read more »

Facebook admits it's the in thing for spammers

The popular social-networking site Facebook is coming under increased attack by spammers and phishers, the company's security chief has revealed. Read more »

Gmail cookie vulnerability exposes user's privacy

Petko Petkov of ethical hacking group GNUCitizen, has developed a proof-of-concept program to steal contacts and incoming e-mails from Google Gmail users. Read more »

US Homeland Security e-mail gaffe exposes secrets

A technical contractor may have started a chain of events that led to security professionals divulging classified information Read more »

Web sites threatened by Samy worm

The newly-discovered Samy worm is the first to exploit a cross site scripting vulnerability, prompting security experts to fear the technique could be used to open a new front in the war against malware. Read more »

Microsoft attacks potential VMware feature

Senior Microsoft security strategist Steve Riley last week criticised virtualisation rival VMware for an idea that could see virtualised operating system images patched while they were still running in memory. Read more »

Web attackers get better at hiding

Cybercrooks who rig Web sites to break into PCs are getting better at hiding their malicious code, a security expert said this week. Read more »

More Attack, Cross News Results

Features (20)

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Security in the Web 2.0 Era

At the Gartner Symposium ITxpo 2008 in Sydney this week, Andrew Walls, the research director and security analyst at Gartner presented "Security in the Age of E-Commerce and Web 2.0". Read more »

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

Pinpoint vulnerabilities on your system with Nessus

Fixing vulnerabilities is an ongoing process that requires diligence -- it's not something you can ever cross off your task list. However, there are plenty of excellent tools available that will assess your systems for known vulnerabilities. Let us introduce you to one of the best. Read more »

Better way to hacker-proof your site

Think malicious users need sophisticated tools to attack a Web site? Think again. All they really need is a Web browser and basic knowledge of SQL or another scripting language. Read more »

New security flaw in Outlook, IE

A Danish security researcher has warned that a recently discovered software flaw could leave user's systems open to malicious code carried on Web pages or in e-mails. Read more »

Safe browser an oxymoron?

In November 2003, the CERT Coordination Center first advised Web users to consider using a Web browser other than Microsoft Internet Explorer. Read more »

Beware of the zealot

Being a Microsoft or Java fanatic may be admirable in some IT roles. IT development management isn't one of them. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Ten commandments for the security-conscious programmer

Here are the steps from Builder AU that you should take to keep hackers and other security threats at bay. Read more »

More Attack, Cross Features Results

Blog (2)

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote javascript code, or by tapping into Firefox's chrome engine can execute remote code of any kind. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weave in Senate Question Time. Read more »

    -- posted by Staff

  • Brendon Chase Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun the company has pushed out a new release of its Netbeans open source IDE with an eye to appeal more to Web developers. Read more »

    -- posted by Brendon Chase

  • Renai LeMay BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay

What's on?