[img_assist|nid=4529|title=|desc=|link=none|align=left|width=100|height=100]VideoLAN has released a security advisory to address multiple vulnerabilities in the VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Browsing Author: Ryan Naraine
[img_assist|nid=4509|title=|desc=|link=none|align=right|width=100|height=100]BOSTON — Privacy advocate Moxie Marlinspike used the spotlight of the SOURCE conference here to call attention to Google’s data harvesting practices, warning that the search engine giant can mine information to figure out even what Web surfers are thinking about.
[img_assist|nid=4478|title=|desc=|link=none|align=right|width=100|height=100]BOSTON — A prominent security consultant is urging a rethink of the way businesses handle user education and awareness, warning that the way attackers have latched on to social engineering techniques makes it difficult to cope with hacker attacks.
CBS News broadcaster Armen Keteyian reports that the advanced technology added to
the good, old-fashioned copy machine has opened a dangerous hole in data
[img_assist|nid=4385|title=|desc=|link=none|align=right|width=100|height=100]On the heels of a Black Hat EU presentation that exposed security problems with the cross-site scripting (XSS) filter in Internet Explorer 8, Microsoft plans to ship an update to the filter to fix what is hopefully the last remaining attack scenario.
[img_assist|nid=4423|title=|desc=|link=none|align=left|width=100|height=100]The New York Times is reporting that Google’s password system was compromised during a targeted attack last December.The system, called Gaia or Single Sign-On, controls access by millions of users worldwide to almost all of the company’s Web services, including e-mail and business applications.
[img_assist|nid=4404|title=|desc=|link=none|align=left|width=100|height=100]Security researchers at the Intrepidus Group have hacked into Palm’s new WebOS platform, using nothing more than text messages to exploit a slew of dangerous web app vulnerabilities.
[img_assist|nid=4403|title=|desc=|link=none|align=right|width=100|height=100]Forbes reporter Andy Greenberg polled a group of security researchers about the security posture of Apple’s new iPad device and comes away with a simple conclusion: The iPad is just as insecure as the iPhone. Some quotes from the story:
[img_assist|nid=4392|title=|desc=|link=none|align=right|width=100|height=100]The Cisco Secure Desktop contains a vulnerable ActiveX control that could allow an attacker to execute arbitrary code with the privileges of the user who is currently logged into the affected system, according to a warning from the networking vendor.
[img_assist|nid=4368|title=|desc=|link=none|align=right|width=82|height=111]In a sudden about-face, Sun has rushed out a Java update to fix a drive-by download vulnerability that exposed Windows users to in-the-wild malware attacks.The patch comes less than a week after Sun told a Google researcher it did not consider the issue serious enough to warrant an out-of-cycle patch and less than a day after researchers spotted live exploits on a booby-trapped song lyrics Web site.