News (18)

BusinessWeek site hacked

Hackers have broken into BusinessWeek's online site and set up an attack scenario in which visitors to a section of the site could have their own computers compromised and their data stolen, a security researcher said on Monday in the US. Read more »

IBM chides security researchers

Technology giant IBM has taken independent security researchers to task for their role in making information about unpublished computer attacks available in an undisciplined manner. Read more »

Google's Blogger number one for malware

Search giant Google has catapulted itself to the top in the ranks of web hosts with the most malware, courtesy of its blogging website Blogger, according to security vendor Sophos. Read more »

PlayStation 3 site hacked, 2.40 upgrade suspended

Sony has suspended its PlayStation 2.40 firmware upgrade following reports it has fouled up some users' systems — Sony has also removed hacked pages on its Playstation web site. Read more »

Malware on 'trusted' websites has quadrupled

The amount of web-based malware hosted by trusted websites has increased by over 400 percent since last year, according to security vendor ScanSafe. Read more »

20,000 Web pages help exploit 'patched' Flash flaw

A possible zero day exploit has been discovered for a flaw in Flash thought to have been patched by Adobe a month ago. Read more »

Facebook admits it's the in thing for spammers

The popular social-networking site Facebook is coming under increased attack by spammers and phishers, the company's security chief has revealed. Read more »

iFrame attacks: Blame your Web admin guy

With one new Web site compromised every 14 seconds, including some of the biggest names, it's almost impossible to tell what's a "trustworthy" Web site. But who's at fault for exposing Internet users? Read more »

Security experts warn of potential malicious AIR code

On Monday, Adobe Systems rolled out its new Web 2.0 development tool, Adobe Integrated Runtime, or AIR. Following its release were some concerns from the security community. Read more »

Massive SQL-based Web attack decoded

The SANS Internet Storm Center has published details about the massive SQL-based Web attack that occurred over the weekend. Read more »

Features (8)

Security in the Web 2.0 Era

At the Gartner Symposium ITxpo 2008 in Sydney this week, Andrew Walls, the research director and security analyst at Gartner presented "Security in the Age of E-Commerce and Web 2.0". Read more »

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Ruby on Rails Explained

There are plenty of frameworks around but Ruby on Rails is a new breed, focused on productivity not language. Simon Jackson explains what makes it different. Read more »

Is LINQ the future of database development?

The LINQ (.NET Language Integrated Query) Project is a Microsoft initiative to standardise data access across not only data sources but also development. Will it revolutionise database development? Read more »

Supersize me-- Access to SQL

Access developers who have ambitions to upsize to SQL Server face several problems. The problem that's the most difficult to surmount is dynamic SQL. Read more »

Simplify .NET SQL queries with the DAAB

Microsoft's Data Access Application Block (DAAB) makes connecting .NET applications to SQL databases easier--if you know how to use it. Read more »

Deleting data from an ASP.NET DataGrid

Deleting data from the DataGrid takes some work. Find out how to create a delete button for the DataGrid and how to build a pop-up delete confirmation. Read more »

Tutorial: JavaScript and regular expressions

If you've worked with regular expressions in Perl, you know that they can simplify search and replace tasks. Using them in JavaScript is just as easy. Read more »

Blog (5)

Hack attack week

Staff [blogs:syslog] -- It wasn't a good week to be an Alaskan vice-presidential candidate, an online publication or even a multinational science project -- as all were compromised by hackers this week. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

2008 -- where 2006 exploits still rule

Staff [blogs:syslog] -- So the question is: who is running their SQL servers on systems unpatched since 2006 and/or not installing service packs? The answer is clearly enough people to warrant continued exploitation. Read more »

Attack Modeling vs Threat Modeling

[blogs:] -- Traditional Threat Modeling from an adversarial approach is actually Attack Modeling. So what is Threat Modeling then and how does it differ from Attack Modeling? Read more »

New Dev Security Training Modules

[blogs:] -- The Patterns and Practices team at Microsoft has posted some secure development training modules from Keith Brown. Read more »

Log in


Sign up | Forgot your password?

  • Staff Crying, mooning and leaving

    In this week's roundup we see that continuous whining can get results, Linux users get 64-bit Flash and Moonlight previews, the latest in the Yahoo/Microsoft relationship and Senator Conroy ducks and weave in Senate Question Time. Read more »

    -- posted by Staff

  • Brendon Chase Sun eye Web developers with Netbeans 6.5

    Despite the recent employment axe hitting Sun the company has pushed out a new release of its Netbeans open source IDE with an eye to appeal more to Web developers. Read more »

    -- posted by Brendon Chase

  • Renai LeMay BarCamp buzz: Let the hacking continue

    Attending last weekend's BarCamp in Sydney, it was hard to escape the conclusion that a certain "dot-com bust" flavour had seeped into the kool aid previously being drunk by Australia's web 2.0 and early stage start-up sector. Read more »

    -- posted by Renai LeMay

What's on?