Web Security


Google Buzz XSS Flaw Fixed

Google has fixed a Web flaw that gave hackers a way to take control of Google Buzz accounts. Read the full article. [Computerworld]

Top 25 Dangerous Programming Errors Updated

The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors is a list
of widespread and critical programming errors that can lead
to serious software vulnerabilities. Read the full article. [Common Weakness Enumeration/Mitre]

Following the Malware Supply Chain

While many outside of the security industry
still perceive “hackers” as teenagers or isolated geeks who work alone, a recent research report encourages the general
public to see malware as a cooperative industry that supports
specialists, economies, and supply chains. Read the full article. [Dark Reading]


Cybercriminals have been capitalizing on the world’s interest in the Winter Olympics in Vancouver to spread malware, experts warned. Attackers have been using Twitter and black hat search engine (SEO) optimization tactics to promote fake Olympics videos that are spreading malware. Read the full article. [Secure Computing]

A common Web programming error could give hackers a way to take over Google Buzz accounts with cross site scripting, a security expert said. Read the full article. [Computerworld]

In a bid to demonstrate that the French Chatenay-Malabry laboratory made a mistake
while analyzing his fateful urine sample that stripped him of his 2006 Tour de France win, Landis apparently commissioned a hacker to break into
their computers and steal documents that would help his cause. Read a security article. [HelpNet Security] Read the original article. [San Diego Union-Tribune]

A newly released report shows that based on more than a trillion Web requests processed in 2009, the use of malicious PDF files exploiting flaws in Adobe Reader/Adobe Acrobat not only outpaced the use of Flash exploits, but also, grew to 80% of all exploits the company encountered throughout the year. Read the full article. [ZDNet]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.