Browsing Author: Chris Brook

Week in Security: Further Flaws in Mobile Security and the AppSec Rundown

[img_assist|nid=7438|title=|desc=|link=none|align=left|width=64|height=64]The storm clouds over mobile security continued to gather this week with news of a new browser exploits for Android and a URL attack for iPhones, while OWASP’s AppSec conference in D.C. provided an update on Uncle Sam’s security priorities. Read on for Threatpost’s security Week in Review.


BlackSheep Plugin Bites Back: Detecting FireSheep Hijack Attempts

[img_assist|nid=7361|title=|desc=|link=none|align=right|width=100|height=100]With more than 600,000 copies of the FireSheep browser plug-in downloaded in a matter of weeks, Web security firm zScaler have released a new Firefox plug-in, BlackSheep, in hopes of combating attempts by those using FireSheep to try to hijack their Web session. 


Week in Review: Mobile Madness, Firesheep Speaks Up, Myanmar Knocked Offline

[img_assist|nid=7349|title=|desc=|link=none|align=right|width=87|height=87]The specter of politically motivated cyber attacks reared its head again this week, while closer to home, the names of two software giants: Google and Adobe were all over the headlines when it came to security this week, as several bugs were found…and fixed in the companies products. Read
on for the full week in review.


To Combat Firesheep, Microsoft’s Bing Looking Into SSL

Microsoft’s Bing is looking into SSL and other privacy
settings for the next version of their search engine. Currently the site strips
SSL when forced into HTTPS and in turn, brings up an advisory on browsers signaling
an unsafe connection.

Introduced at Toorcon, the Firefox extension allows
attackers to capture site cookies from users on unsecured wireless networks and
browse under their logon.


Week in Security: Toorcon and SecTor Wrap-up, Bugs and Stuxnet Stances

[img_assist|nid=7078|title=|desc=|link=none|align=right|width=100|height=100]Autumn conferences grabbed the headlines this week as presentations at the Toorcon Conference in San Diego and SecTor in Toronto wrapped up October, with revelations about the vulnerability of social networking sessions and critical infrastructure headlining.