News (363)

TCP flaw threatens Web servers

Two researchers in Sweden have found multiple flaws in the TCP stack that could lead to massive denial-of-service attacks if exploited. At present there is no workaround and there are no patches available. Read more »

Vista shunned in business survey

A new survey shows Microsoft's Windows Vista operating system is still playing second fiddle to XP with business users, with more enterprises confessing to checking out the unreleased Windows 7 OS than its predecessor. Read more »

How hackers broke into Palin's email

Details have emerged about how Republican vice-presidential candidate Sarah Palin's email account was broken into, including a hacker's claim he was able to impersonate her online to obtain her password. Read more »

Acrobat 9 crashes with malformed URLs

Certain URLs can cause Adobe Acrobat 9 to suffer a denial of service or crash, says a researcher. Read more »

Microsoft fixes eight critical flaws with four patches

Microsoft on Tuesday released its September 2008 security bulletin summary. The four bulletins concern Windows GDI+, Windows Media Player, and Microsoft Office OneNote. All are rated critical by Microsoft. There is no cumulative patch for Internet Explorer this month. Read more »

Google quietly updates Chrome

Search giant Google has quietly begun releasing a hastily prepared update to its Chrome browser to fix some security problems. Read more »

Aussie CIOs poke under Chrome bonnet

Australian chief information officers have shown a mixed reaction to Google's new Chrome browser, which was released in testing form last week to early adopters' praise. Read more »

Security firm spots Chrome 'SaveAs' flaw

It's been only a few days since Google released its Chrome browser, and security researchers are still digging into the software in search of the first few flaws. Read more »

Google plans 'Chrome' browser

Search giant Google has confirmed it will shortly unveil a new Web browser dubbed 'Chrome' and based on code from the Webkit project. Read more »

Flaw in BGP net protocol

Security researchers have warned of an underlying security issue concerning the Border Gateway Protocol, the core internet routing protocol. Read more »

Features (96)

Send email alerts when errors are written to the event log

It is common for applications to write to the Windows Event Log when errors occur or a warning is issued, and with the advent of the .NET Framework, Microsoft has provided developers with built-in functionality to read and write data to or from the event log. Read more »

10+ things you should know about rootkits

Malware-based rootkits fuel a multibillion dollar spyware industry by stealing individual or corporate financial information. If that weren't bad enough, rootkit-based botnets generate untold amounts of spam. Here's a look at what rootkits are and what to do about them. Read more »

Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability

A recent vulnerability was found in the OpenSSL package as provided by Debian and Debian-based Linux distributions, such as Ubuntu, that broke the effectiveness of the OpenSSL PRNG (Predictable Random Number Generator). Read more »

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Troubleshoot Apache with these tips

The Apache Web server is well-proven, but can still offer an administrator headaches from time to time when things go wrong. Read more »

Establish a patch management policy

Patch management is an issue that will always plague your organisation's network -- there will always be patches, updates, and security fixes to apply. Read more »

Managing yourself through a challenge

I often write about managing others through problems or crises because it's part of the day-to-day experience as a manager/leader. But what about managing yourself? Read more »

Labor should promise the kids XO, not XP

Should Labor get into power at the federal election next month, its promised "education revolution" rebate would be better spent on the world's largest single order for Negroponte's XO laptop instead of being a boon for traditional PC retailers and a certain software vendor from Redmond. Read more »

Understand the inner workings of generics in Java

Generics, an advanced feature of Java 1.5, allow type checking to make sure you fill your Collections and ArrayLists with only the types of Object you intend. Read more »

Windows rootkits 101

When administrators and security professionals hear the word rootkit, most think first of a UNIX-based system. Unfortunately, this only leads to a false sense of security for Windows-based systems. The fact is that Windows rootkits do exist, and you need to be able to detect them. Read more »

Video (2)

Five services to turn off in Windows XP

Running unnecessary Windows XP services can increase your vulnerability to exploits that might use those services as attack vectors. In this IT Dojo video, Bill Detwiler discusses five services that you should consider turning off and shows you how to disable them. Read more »

See how iPhone exploit works

A vulnerability has been discovered in the Safari browser of the iPhone, and this video is a brief demonstration of how it works. More details are set to be announced at this year's Black Hat security conference. Read more »

Blog (18)

Hack attack week

Staff [blogs:syslog] -- It wasn't a good week to be an Alaskan vice-presidential candidate, an online publication or even a multinational science project -- as all were compromised by hackers this week. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

Australian twitterati talks malware

[blogs:bootstrappr] -- It was inevitable that micro-blogging service Twitter would become infested with malware, according to a number of high-profile Australian users of the service. Read more »

Sysadmin hijacks San Francisco while Torvalds attacks security circus

Staff [blogs:syslog] -- This edition of the Weekly Roundup looks at how one man has taken over the network of the city of San Francisco, takes a glance at a local news start-up, and Linus Torvalds calls out the IT security sector. Read more »

Dealing with the ego elephant in the room

Brendon Chase [blogs:codemonkeybusiness] -- Egomaniacs, swell-heads, know-it-alls, showboats, show ponies, narcissists, ego-trippers, big heads, and peacocks – work with one of these? Read more »

Assumption-based Hacking 101

Chris Duckett [blogs:betaliving] -- High-level thinking leads to assumptions, and assumptions are the mother of all mistakes -- consequently the best place to find a security hole is in a place where the programmer has made an incorrect assumption. Read more »

Firefox 3's better performance and memory improvements

Staff [blogs:syslog] -- As beta 5 is due to come out next week, I take a look at some of the new features and improvements in Firefox 3. Read more »

2008 -- where 2006 exploits still rule

Staff [blogs:syslog] -- So the question is: who is running their SQL servers on systems unpatched since 2006 and/or not installing service packs? The answer is clearly enough people to warrant continued exploitation. Read more »

Pirates rejoice!

Staff [blogs:syslog] -- This week's roundup brings news about Vista's first service pack, PDF's standards push and a video of why the Web needs changing. Read more »

Apple shipping the Mark Webber of hard drives

Chris Duckett [blogs:betaliving] -- The hard drives within Apple computers seem to pull mechanical failure and random incidents into play whenever you think things are fine -- just like our man in F1: M. Webber. Read more »

  • Microsoft prescribes more REST

    Details have begun to emerge about the next versions of Visual Studio and Windows Server this week -- and the message from Redmond is to REST up. Read more »

    -- posted by Staff

  • .NET looks to REST

    With news that REST will play a big part in the next version of the .NET Framework, it is timely to take a look at ADO.NET. Read more »

    -- posted by Chris Duckett

  • Spellr.us needs a new dictionary

    One of the only Australian start-ups to present at the recent round of conferences in the US was Sydney-based spellr.us, which has launched a Web-based tool to check and monitor websites for spelling mistakes. Read more »

    -- posted by Renai LeMay
