Tags: code, exploit, secure

RSS feed

News (205)

Oracle attack code out

Code is in the wild for one of the holes patched by the database firm on tuesday. Read more »

Code to exploit Windows graphics flaw now public

A sample program hit the Internet on Wednesday, showing by example how malicious coders could compromise Windows computers by using a flaw in the handling of a widespread graphics format by Microsoft's software. Read more »

Exploit code makes IE flaw more dangerous

The threat posed by a critical flaw in Internet Explorer has been ratcheted up by the release of a program designed to exploit the vulnerability, security researchers warned on Thursday. Read more »

PHP exploit code plants itself in GIF

Security researchers have found PHP exploit code embedded in a GIF on a major image-hosting site. Read more »

Exploit code released for Adobe Photoshop flaw

Exploit code that could take advantage of a "highly critical" security flaw in the most recent versions of Adobe Photoshop has been published, a security researcher reported this week. Read more »

Exploit code chases two Firefox flaws

Two vulnerabilities in the popular Firefox browser have been rated 'extremely critical' because exploit code is now available to take advantage of them. Read more »

Microsoft: Watch out for rogue code

Microsoft has urged customers to apply its latest security patches, after several companies published "proof of concept" attacks that exploit the flaws that the updates fix. Read more »

Beware of bogus Microsoft security bulletins

Organisations are being warned to be on the lookout for fake Microsoft security bulletins which spammers sent out yesterday to thousands of companies in the US and the UK. Read more »

Microsoft RPC exploit could be a packaged deal

While Microsoft has labeled Thursday's emergency patch MS08-067 as "critical" and provided a rareout-of-cycle fix because its exploit could easily be used as worm on a compromised network, one security researcher doesn't think it will happen that way. Read more »

RSS, Atom feeds may carry security risk

Reading blogs via popular RSS or Atom feeds may expose computer users to hacker attacks, a security expert warns. Read more »

More Code, Exploit, Secure News Results

Features (40)

CGI wrappers for Apache-based apps can boost security

CGI scripts represent a big potential security risk in Web development, but using CGI wrappers can help insulate your servers from attack. Here's an outline of how to create CGI wrappers to protect an Apache Web server. Read more »

Develop applications that prevent intrusion

Designing secure applications requires developers to look beyond their own code. Accessing APIs or COM objects or establishing system privileges can result in security vulnerabilities that can be prevented. Read more »

Security through obscurity won't secure your code

Most applications use some form of security through obscurity, but you should avoid it when writing your apps. ZDNet Australia offers these tips on how to tighten up your code. Read more »

Ten commandments for the security-conscious programmer

Here are the steps from Builder AU that you should take to keep hackers and other security threats at bay. Read more »

Five steps to designing a secure system with TCB

Security must be a factor in system design from the beginning. It starts with defining the trusted computing base (TCB). Follow these steps to achieve a secure system. Read more »

Proprietary vs. open source? Take the best of both codes

The Microsoft vs. Linux confrontation is too often seen as a battle for the hearts and minds of this industry. From a corporate IT perspective, each side has legitimate claims and products to offer. It's not an either-or situation; it's about the price and service for goods rendered. The enterprise will be a hybrid world that continues to integrate both proprietary and open source code for a long time to come. Read more »

PHP gotchas to avoid

When you are debugging PHP code under a tight deadline, start by looking for the most typical problems. Topping the list should be parsing and scope errors. Read more »

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

The secrets of open source security

The Linux vs. Windows security debate is a contest of examples, which stand in place of the concepts that comprise a larger, more fundamental question of what the security benefits and detriments are for the open source and closed source development models. Read more »

New security flaw in Outlook, IE

A Danish security researcher has warned that a recently discovered software flaw could leave user's systems open to malicious code carried on Web pages or in e-mails. Read more »

More Code, Exploit, Secure Features Results

Blog (5)

The 2008 Trends and Threats to Internet security

[blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

We don't need an eBay for security holes

[blogs:byteclub] -- It's been likened to an eBay for hackers -- new security site WabiSabiLabi is a market place for auctioning security vulnerabilities. Read more »

Anti-Virus software hit with 6 critical vulnerabilities

[blogs:syslog] -- Kaspersky Labs announced over easter that their latest maintenance pack fixes six critical security vulnerabilities in their anti-virus software. The security flaws affect the Anti-Virus 6.0 and Internet Security products, including both the workstation and server editions. Read more »

QuickTime and Firefox combine for insecurity

[blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote javascript code, or by tapping into Firefox's chrome engine can execute remote code of any kind. Read more »

5 reasons restricting hacking is not like gun control

[blogs:byteclub] -- Let's get it out of the way: Guns don't kill people, people with guns kill people. People with hacking tools can steal your personal data, shut down your system and deface your web site -- but is that any reason to ban them? Read more »

12 comments

Log in

News and features

Latest
Popular
Features
Most Discussed

Twitter rival Pownce acquired, closed (9 hours, 46 minutes ago)
Google Chrome to get extensions (10 hours, 3 minutes ago)
MySQL releases dodgy v5.1
Hackers boot Linux on iPhone
Microsoft's Europe prices attract lawsuit
Copyright attack: Sydney net cafe fined
More news »

Blogs

Tools for the Semantic Web

This blog post covers some of the technologies available for creating applications for the Semantic Web. Read more »

-- posted by Lana Kovacevic
Bridging the gap between programmers and the vision

A successful project will have a hard time flying if you don't walk through the game plan before writing a line of code. Read more »

-- posted by Brendon Chase
Social news start-up Streem shuts down

Sydney social news start-up Streem will shut down this afternoon, according to a heartfelt notice posted on the site this morning by its founder Elgar Welch. Read more »

-- posted by Renai LeMay

Videos

How to Reset Windows passwords

2008/10/01 14:31:09

Play the video
Five things to consider when choosing a Linux distribution

2008/10/01 15:50:33

Play the video
Cyber-terrorism 'a big threat'

2008/12/01 12:43:32

Play the video

What's on?

Space pr0n, patent karma and Yang out -- Club Builder

On Club Builder this week: how NASA plans to get the Internet into space, Jerry Yang is out the door at Yahoo and Brendan Eich discusses javascript engine competition.