Apple yesterday released one of its biggest security updates, which fixes no fewer than 88 known vulnerabilities. The Mac OS X v10.6.3 update is marked as “critical” and covers remote code execution, information disclosure, denial-of-service attacks and vulnerabilities in image and movie processing. You will find the full list of vulnerabilities at the Apple web [...]
This week's outline: The editorial “Below the Line” is up to highlight news and headlines of the past week. Actually it isn’t possible to draw the whole picture but I hope you will get a nice and handy outline. Internal links to this blog are marked like this: ” “, external links like that: ” [...]
Two researchers yesterday won $10,000 each at CanSecWest. The German researcher Nils found ways to disable DEP and ASLR by exploiting Mozilla’s Firefox 3.6. The other contestant, Vreugdenhil of the Netherlands, used a two-exploit combination to circumvent first ASLR and then DEP to successfully hack Internet Explorer 8. Each attack was made on a [...]
Msnbc reports that a French man has been arrested for hacking into the Twitter account of President Barack Obama and other celebrities such as Britney Spears. The 25-year-old man, who went by the online name of HackerCroll, was driven by the thrill of the challenge. French police were given a heads-up by the FBI. “He [...]
Bruce Schneier has updated Practical Cryptography, the book he and Niels Ferguson wrote in 2003. The new title is Cryptography Engineering and it is really the second edition of Practical Cryptography. Tadayoshi Kohno did most of the update work and added exercises. “Cryptography Engineering is a techie book; it’s for practitioners who are implementing cryptography [...]
The Register reported on a challenge in which Swiss Army Knife maker Victorinox is inviting people to try to beat the biometric security built into its latest USB Flash drive-fitted penknife. Whoever manages it will win £100,000. You have to go to a Victorinox shop in London and you will get two hours of exploitation time. [...]
This week's outline: The editorial “Below the Line” is up to highlight news and headlines of the past week. Actually it isn’t possible to draw the whole picture but I hope you will get a nice and handy outline. Internal links to this blog are marked like this: ” “, external links like that: ” [...]
Secunia reported a Firefox vulnerability in Advisory SA38608 on Feb. 18. The only reference was a posting by Evgeny Legerov. Secunia had not tested the vulnerability because of a lack of detailed information, CSO Thomas Kristensen told me, adding that previous vulnerabilities reported by this person had proved to be reliable. Daniel Veditz from Mozilla [...]
The Spanish antivirus vendor Panda reported on its blog that Vodafone delivers the HTC Magic with the Mariposa bot. Vodafone Germany spokesman Thorsten Höpken told the German security website Heise Security that it was only one single smartphone in Spain. He said it had been manipulated in its packaging by a customer and then recirculated with [...]
This week everything falls into place. Gartner's headline reads “60% of virtualized servers will be less secure than the physical servers they replace through 2012”. This trend won’t change until 2015, when it is expected to drop to 30%. The Gartner report describes the possibility for hackers to exploit the client or the host with certain [...]

