1 day ago by Donald Sears

The latest version of Microsoft's Internet Explorer browser contains a bug that can enable serious security attacks against websites that are otherwise safe. The flaw in IE 8 can be exploited to introduce XSS, or cross-site scripting, errors on webpages that are otherwise safe. Read the full article ...

threatpost - The First ... - threatpost.com/en_us/frontpage

1 day ago by Donald Sears

The latest release (PHP 5.3.1) features the addition of the "max_file_uploads" INI directive, which can be used to limit the number of file uploads for each request to 20 by default. By limiting the number of uploads per-request, users can prevent possible denial of service (DoS) attacks. Missing sa ...

threatpost - The First ... - threatpost.com/en_us/frontpage

2 days ago by Donald Sears

A viral marketing campaign designed to exploit your anticipation over the New Moon movie coming out tomorrow may look like normal free media you’ve come to expect on the Internet. A scareware purveyor has been spreading bad URLs, with the help of corrupted Google search results, having to do with th ...

threatpost - The First ... - threatpost.com/en_us/frontpage

2 days ago by Donald Sears

Online, the biggest battle these days is against botnets: networks of infected computers which hackers can use -- unbeknownst to the machine's owner -- for online crimes including sending out spam or launching a denial of service attack. The black-hat techniques employed to snare users into a botnet ...

threatpost - The First ... - threatpost.com/en_us/frontpage

2 days ago by Ryan Naraine

Back in September, when Google launched the Google Chome Frame plug-in for Internet Explorer users, Microsoft immediately warned that the move would increase the attack surface and make IE users less secure. Now comes word that a security researcher in the Microsoft Vulnerability Research (MSVR) has ...

threatpost - The First ... - threatpost.com/en_us/frontpage

2 days ago by Donald Sears

Hackers could one day turn ordinary smart phones into “rogue” devices to attack major wireless networks, Research In Motion's security chief warned. Scott Totzke, RIM's vice-president of BlackBerry security, said hackers could use smart phones to target wireless carriers using a technique similar to ...

threatpost - The First ... - threatpost.com/en_us/frontpage

3 days ago by Sonal Shah

When most of us think about IT security, some of the more common terms come to mind. Things like access, authorization, roles and identity. Those of us who are not directly related to patch management often times fail to remember that IT security also has to do with securing the infrastructure that ...

The X Factor - shahblog.solstice-consulting.com

3 days ago by Donald Sears

Mozilla will add a new lockdown feature to Firefox 3.6 that will prevent developers from sneaking add-ons into the program, the company said. The new feature, which Mozilla dubbed "component directory lockdown," will bar access to Firefox's "components" directory, where most of the browser's own cod ...

threatpost - The First ... - threatpost.com/en_us/frontpage

4 days ago by macadvocate

It is recommended that you configure a local SUS server to manage Apple software updates. The Altiris Patch for Mac solution can then simply pull the updates locally rather than have every client pull them individually from Apple’s web site. https://kb.altiris.com/article.asp?article=47899&p=1

The Daily Mac Advocate - thedailymacadvocate.wordpress.com

4 days ago by Donald Sears

Windows users running 64-bit versions of the operating system are less likely to get infected by attack code, Microsoft's security team said yesterday. But that doesn't mean they won't, countered an outside security researcher. "There's a lot of 64-bit malware," said security researcher Alfred Huger ...

threatpost - The First ... - threatpost.com/en_us/frontpage