News (91)

Microsoft RPC exploit could be a packaged deal

While Microsoft has labeled Thursday's emergency patch MS08-067 as "critical" and provided a rare out-of-cycle fix because its exploit could easily be used as a worm on a compromised network, one security researcher doesn't think it will happen that way. Read more »

'Dangerous' Flash exploit can infect by stealth

A Flash flaw discovered this month could change the face of Web security by allowing criminals to infect users of any browser or operating system with malware — without making their browser or application crash. Read more »

PHP exploit code plants itself in GIF

Security researchers have found PHP exploit code embedded in a GIF on a major image-hosting site. Read more »

Exploit published for popular network tool

An exploit has been published that could take advantage of a flaw in Snort, a popular open-source intrusion protection system, according to a security group. Read more »

Exploit code chases two Firefox flaws

Two vulnerabilities in the popular Firefox browser have been rated 'extremely critical' because exploit code is now available to take advantage of them. Read more »

Apple QuickTime zero-day flaw 'extremely critical'

Security research firm Secunia has reported what it calls an "extremely critical" vulnerability in media-streaming program Apple QuickTime. Read more »

Symantec products threatened by Active X flaw

Symantec is urging its customers to patch their security products after being warned about a critical vulnerability that could allow hackers to execute code remotely. Read more »

Microsoft rushes out 'critical' fix

Microsoft issued a "critical" security fix for Windows on Tuesday in the US, two weeks before its scheduled release date. Read more »

IE plus Firefox equals 'critical' security risk

Firefox combined with Internet Explorer on the same desktop opens up a zero day vulnerability that is highly critical, according to security researchers. Read more »

Flaw opens crack in Windows servers

A flaw in popular Windows server software could allow remote attacks to be launched against systems, Microsoft has confirmed. Read more »

Features (21)

10+ things you should know about rootkits

Malware-based rootkits fuel a multibillion dollar spyware industry by stealing individual or corporate financial information. If that weren't bad enough, rootkit-based botnets generate untold amounts of spam. Here's a look at what rootkits are and what to do about them. Read more »

Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability

A recent vulnerability was found in the OpenSSL package as provided by Debian and Debian-based Linux distributions, such as Ubuntu, that broke the effectiveness of the OpenSSL PRNG (Predictable Random Number Generator). Read more »

Dreamweaver testing scripts can lead to DB compromise

Get the details on an important flaw in sites developed with Macromedia Dreamweaver. Read more »

Linux kernel flaw could trigger DoS incidents

Many Linux servers may be easy targets for DoS attacks because of a flaw in the Linux 2.4 kernel. Read more »

Kerberos vulnerability hits Linux/UNIX versions

The Kerberos Administration daemon (kadmind), which is used in connection with Kerberos authentication, contains a buffer overflow vulnerability in many implementations, mostly affecting Linux/UNIX. Read more »

Disable NetBIOS and SMB to protect public Web servers

Serving data to users outside of an internal network, public Web servers are typically the first point of contact for an external attack. You need to make sure you've disabled the services that are specifically for intranets. Read more »

Troubleshoot Apache with these tips

The Apache Web server is well-proven, but can still offer an administrator headaches from time to time when things go wrong. Read more »

Knowledge is power against hacker schemes

Most IT managers neglect to tell users how to avoid falling prey to the dangerous hacker technique of social engineering. Here's what you need to know. Read more »

Take this four-phase approach to a network risk assessment

Assessing your network for potential risks is part of the responsibility of providing network services. Mike Mullins discusses the four phases of an effective network risk assessment and offers best practices for conducting each phase. Read more »

Security and open source software: An analysis.

This article from Australian technology commentator Con Zymaris examines the security threat of open source software. Read more »

Blog (4)

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

QuickTime and Firefox combine for insecurity

Nick Gibson [blogs:byteclub] -- A vulnerability in Apple Software's QuickTime media player can be exploited to execute remote JavaScript code, or by tapping into Firefox's chrome engine can execute remote code of any kind. Read more »

Anti-Virus software hit with 6 critical vulnerabilities

Staff [blogs:syslog] -- Kaspersky Labs announced over Easter that their latest maintenance pack fixes six critical security vulnerabilities in their anti-virus software. The security flaws affect the Anti-Virus 6.0 and Internet Security products, including both the workstation and server editions. Read more »

We don't need an eBay for security holes

Nick Gibson [blogs:byteclub] -- It's been likened to an eBay for hackers -- new security site WabiSabiLabi is a market place for auctioning security vulnerabilities. Read more »
