A security researcher warns that an insecure update mechanism for some of the open-source browser’s third-party add-ons could allow an attacker the ability to install malicious code.
SecurityFocus
Entries Tagged as 'Flaws and vulnerabilities'
Insecure plug-ins pose danger to Firefox users
May 30th, 2007 · No Comments
Tags: Flaws and vulnerabilities · Open Source · Research · Security · SecurityFocus
Peer-to-peer networks co-opted for DOS attacks
May 28th, 2007 · No Comments
Attackers compromise the hub servers of the DC++ peer-to-peer network, turning hundreds of thousands of clients into hard-to-stop distributed denial-of-service attacks.
SecurityFocus
Tags: Critical infrastructure · Flaws and vulnerabilities · Security · SecurityFocus · Viruses and worms
“Data storm” blamed for nuclear-plant shutdown
May 18th, 2007 · No Comments
A Congressional committee calls for the Nuclear Regulatory Commission to further investigate the cause of excessive network traffic that shut down an Alabama nuclear plant.
SecurityFocus
Tags: Critical infrastructure · Flaws and vulnerabilities · Government · Homeland Security · Security · SecurityFocus
Experts scramble to quash IPv6 flaw
May 9th, 2007 · No Comments
Only a few weeks after researchers raised the design issue in the next-generation Internet protocol, two drafts to the Internet Engineering Task Force propose different fixes.
SecurityFocus
Tags: Critical infrastructure · Flaws and vulnerabilities · Research · Security · SecurityFocus
A Mac gets whacked, a second survives
April 21st, 2007 · No Comments
Researchers use a previously unknown flaw in Apple’s Safari browser to compromise a MacBook Pro and win the PWN to Own contest, but does the hack actually prove anything?
SecurityFocus
UPDATE: More on the vulnerability, which is a Java flaw in QuickTime.
Tags: Consumer Tech · Flaws and vulnerabilities · Research · Security · SecurityFocus · Software
MacBooks withstand mild attacks on patch day
April 19th, 2007 · No Comments
On the same day that Apple releases an update for its Mac OS X, security professionals at a conference in Canada show little initial interest in attempting to crack the security of two MacBook Pros.
SecurityFocus
Tags: Flaws and vulnerabilities · Research · Security · SecurityFocus · Software
Attackers improve on JavaScript trickery
April 18th, 2007 · No Comments
Latest malicious software throws in more obfuscation and works harder to foil defenders’ attempts at reverse engineering.
SecurityFocus
Tags: Consumer Tech · Flaws and vulnerabilities · Research · Security · SecurityFocus
Developers warned to secure AJAX design
April 4th, 2007 · No Comments
A flaw in the way many asynchronous JavaScript and XML (AJAX) frameworks use the scripting to communicate data between a server and client allows malicious sites to hijack the conversation.
SecurityFocus
Tags: Flaws and vulnerabilities · Research · Security · SecurityFocus
TJX theft tops 45.6 million card numbers
March 30th, 2007 · No Comments
In its annual filing to the U.S. Securities and Exchange Commission, the retail giant states that it will never be able to fully account for all the data stolen.
SecurityFocus
Tags: Cybercrime · Flaws and vulnerabilities · Security · SecurityFocus
Groups team to test secure-coding skill
March 28th, 2007 · No Comments
A coalition of security companies and organizations team to create assessment tests to certify programmers knowledge of secure-coding practices.
SecurityFocus
Tags: Flaws and vulnerabilities · Security · SecurityFocus · Software