A presentation at 25C3 today detailed how researchers were able to create their own Certificate Authority that is recognized by all current webbrowsers, allowing them to create valid certificates for any website they like. While it’s presented as an example of why using MD5 hashes is considered harmful, it also serves as a perfect example […]
Graham Cluley warns people about a new wave of phishing attempts being sent via Google Calendar. These are legitimate mails, receiving via Google Calendar, from Google’s mailservers, looking just like a real invitation for a meeting or party. In fact, it is just that. A phisher creates a fake Gmail account, sets up a meeting […]
As more people are becoming concerned about their online privacy, the use of tools to protect that privacy such as Tor and Privoxy is getting more common. One of the main features that these offer are “hiding” your IP address; privoxy by offering the option to send all your traffic through a proxy server, and Tor […]
Microsoft just released MS08-78, a security bulletin describing the issue that has been affecting Internet Explorer users for almost a week (CVE-2008-4844). The bug is fixed for Internet Explorer 5.01, 6, 7 and the beta version of IE8. As Microsoft points out on their Internet Explorer homepage, the browser is now “safer than ever”. Don’t […]
This is a bad week for browser security; not only is Microsoft rushing out an emergency patch tonight, other browser makers are releasing their own updates as well as people worldwide go online to do their Christmas shopping. Opera released version 9.63 of their browser yesterday, fixing several security issues. The most critical ones allow […]
Microsoft has just announced that a fix for the critical bug in Internet Explorer 5, 6 and 7 is to be published tomorrow. As usual, there will be webcasts detailing the fixes: Microsoft is hosting two webcasts to address customer questions on these bulletins: on December 17, 2008, at 1:00 PM Pacific Time (US & […]
And it’s not because Twitter is buying tons of Dell gear; Dell is using Twitter for advertising, and people are willingly signing up to receive these messages. Quoting InternetNews: Less altruistically, some businesses have discovered that Twitter is an effective way of communicating with consumers. Dell (NASDAQ: DELL) says Twitter has produced $1 million in […]
That might sound like a stupid thing to ask. If your account is emptied, you surely did something wrong. You were careless with your password, didn’t update your virus scanner, clicked some links in a spam message that happened to install malware, et cetera. Right? So what happens when that’s not what happend? What if […]
More details about the zero-day exploit for IE7 are starting to surface. The most shocking detail is that this is actually an older issue: eEye reports that this was first seen on 11/15. eEye says that no mitigation strategies currently exist; Symantec suggests that disabling Javascript will at the very least disable the currect attack […]
Here’s why. Google is now offering their Adsense clients advertising on the iPhone and G1 phones. Here’s the short version of what happened in the last two years: Google noticed a trend: more people were starting to access the internet from their mobile phones But there were no mobile phones that could display their ads […]
