From the category archives:

Vulnerabilities

» News

First rootkit which is targeting 64-bit Windows, spotted in the wild

Alureon rootkit is back, and has acquired the ability to hijack computers running 64-bit versions of Microsoft Windows, proclaimed Marco Giuliani, security researcher with security company Prevx. “The rootkit needs administrative privileges to infect the Master Boot Record. Even then, it still cannot load its own 64 bit compatible driver because of Windows’s kernel security. [...]

Read Ahead →

» News

Loads of apps being found vulnerable to Microsoft’s DLL highjacking vulnerability

I think this attack would continue to become one of the biggest attacks on Windows. Even Windows 7 is vulnerable to it- the most latest DLL highjacking vulnerability. Though this is a local attack, the apps which are vulnerable to it are out of suspicion for any person. Very few of you until now must [...]

Read Ahead →

» News

Critical flaws fixed with latest release of Google Chrome

Google Chrome 5.0.375.127 has been released and fixes the following security issues: [45400] Critical Memory corruption with file dialog [49596] Memory corruption with SVGs [49628] Bad cast with text editing [49964] Possible address bar spoofing with history bug [50515] [51835] Memory corruption in MIME type handling [50553] Crash on shutdown due to notifications bug [51146] [...]

Read Ahead →

» News

40 Windows apps contain critical bug, says HD Moore

@hdmoore first hinted at the widespread bug in a message on Twitter. “The cat is out of the bag, this issue affects about 40 different apps, including the Windows shell,” he tweeted, then linked to an advisory published by Acros, a Slovenian security firm. HD Moore, chief security officer at Rapid7 and creator of the [...]

Read Ahead →

» News

Adobe releases security updates of Acrobat and Reader

New versions of Adobe Reader (9.3.4) and Acrobat (9.3.4, 8.2.4) have been released for patching critical vulnerabilities in earlier versions of the two programs for Windows, Macintosh and UNIX. The flaws caused the applications to crash and could potentially allow an attacker to take control of the affected system. As the update is an out-of-cycle [...]

Read Ahead →

» News

Facebook vulnerable to Clickjacking

Facebook again in news for security scams. This time the popular social networking site was found vulnerable to Clickjacking. Security firm Sophos found that the “Share” feature which posts content to the user’s wall was the culprit. Complete details: http://www.cio.com/article/603697/Facebook_Warns_of_Clickjacking_Scam?source=ClubHack

Read Ahead →

» News

Researcher Cracks Google’s ReCAPTCHA

Chad Houck, an independent researcher, demonstrated how he solved Google’s reCAPTCHA program even after recent improvements made to the anti-bot and anti-spam tool by the search engine giant, Google. Houck had published a white paper on the hack prior to presenting his research at Defcon in Las Vegas, and says that Google made several fixes [...]

Read Ahead →

» News

Apple patched a bug in Safari5(CVE-2010-1778)

Apple patched a bug in Safari which was reported to the Apple security team by Billy (BK) Rios. The impact of the bug was listed as a vulnerability that could “cause files from the user’s system to be sent to a remote server”. Safari has a built-in RSS/Feed processor which takes RSS files and transforms [...]

Read Ahead →

» News

Twitter Bug!

This bug was first reported by forum user Chris White who posted a step-by-step of how to make it happen.Twitter employee John Adams posted a thanks to Chris White on Google Groups for exposing the bug, and said “I filed a bug with our webclient team,” so a fix is sure to come in the [...]

Read Ahead →

» News

DoS easier in a Cloud service scenario

In a proof of concept (PoC) exercise researchers were able to bring down a small company off the internet. The reasearchers registered as legitimate users for Amazon’s EC2 service and conducted targeted attacks on the clients network to cause a complete DoS. Details: http://www.darkreading.com/smb-security/security/perimeter/showArticle.jhtml?articleID=226500300

Read Ahead →

← Previous Entries