News (39)

Google fixes Web site security bug

Google has fixed a security flaw on its Web site that opened the door to phishing scams, account hijacks and other attacks, security researchers said on Monday. Read more »

XSS flaw makes PM say: "I want to suck your blood"

The Web sites of Australia's two major political parties contain cross-site scripting vulnerabilities, which could be exploited to fraudulently acquire political donations, say security experts. Read more »

Web 2.woe: Simple security flaws going unfixed

Web application vulnerabilities are simple to fix -- but they're here to stay and will likely get worse, say security analysts. Read more »

Mozilla fixes critical flaws in Firefox 2.0, Thunderbird

Mozilla has fixed seven vulnerabilities in the latest release of Firefox — SeaMonkey and Thunderbird are also affected. Read more »

Exploit code chases two Firefox flaws

Two vulnerabilities in the popular Firefox browser have been rated 'extremely critical' because exploit code is now available to take advantage of them. Read more »

Flaw leaves Windows open to Java attack

Microsoft has warned of three flaws affecting its software, the most serious of which would allow an attacker to gain full control of a PC using Java applets. Read more »

Google flaw adds phishing hole to Web sites

A security flaw in Google's search appliances could expose Web sites that use the products to information-stealing phishing attacks, experts warned on Monday in the US. Read more »

Google fixes Gmail 'ethical hacker' vulnerability

Three days after ethical hacker Petko Petkov announced his discovery of a cross-site scripting vulnerability in Gmail, Google says it has fixed the problem. Read more »

Google RatProxy looks for cross-site flaws

Google released a free tool Tuesday that should help Web developers find and fix cross-site vulnerabilities. Read more »

Microsoft patches three critical browser flaws

Microsoft on Friday released a patch for Internet Explorer designed to close three critical holes in the browser, including one that paved the way for the Download.Ject Trojan horse. Read more »

More Cross, Flaw News Results

Features (9)

New security flaw in Outlook, IE

A Danish security researcher has warned that a recently discovered software flaw could leave user's systems open to malicious code carried on Web pages or in e-mails. Read more »

Watch out for IE Local Zone script injection flaw

A flaw in the way Internet Explorer handles some errors, discovered by security company GreyMagic, could result in an attacker being able to read local files on a system or run various scripting commands. Get the details. Read more »

Clickjacking: Potentially harmful web browser exploit

Clickjacking has the potential to redirect unknowing users to malicious websites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings. Read more »

Develop secure software at the application level

Protect your application from input overflow and underflow attacks, and from other common tactics with these development techniques. Read more »

Waterfall development for new managers

Faced with managing your first development project? The waterfall development methodology can help you get your feet wet. Read more »

Ten commandments for the security-conscious programmer

Here are the steps from Builder AU that you should take to keep hackers and other security threats at bay. Read more »

Why open source is bad for Australia

Open source is actually anti-industry, and protecting it is not in Australia's interests, says one industry observer. Read more »

Increase flexibility with the .NET schema object model

This article from Builder.com examines how the XML schema object model allows you to use .NET classes to manipulate schema components. Read more »

Understanding your mental models can help sharpen PM skills

Becoming more aware of your mental models, or preconceptions, can help you become a more nimble project manager. See how to make your mental models more conscious and explainable and learn how they relate to the discipline of personal mastery. Read more »

Blog (1)

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote javascript code, or by tapping into Firefox's chrome engine can execute remote code of any kind. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weave in Senate Question Time. Read more »

    -- posted by Staff

  • Brendon Chase Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun the company has pushed out a new release of its Netbeans open source IDE with an eye to appeal more to Web developers. Read more »

    -- posted by Brendon Chase

  • Renai LeMay BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay

What's on?