Web Security


Flash To Be Under the Scope At Black Hat DC

At Black Hat DC, Foreground Security Senior Security Researcher Mike Bailey will examine Flash’s security model and take a look at some of the ways attackers can leverage Adobe Flash vulnerabilities to compromise a system. Read the full article. [eWEEK]

Firefox Hole Exploited On IRC

Underscoring a little-known web vulnerability, hackers are exploiting a
weakness in the Mozilla Firefox browser to wreak havoc on Freenode and
other networks that cater to users of internet relay chat. Read the full article. [The Register]

VMware Warns Of Vulnerabilities

VMware advises on vulnerabilities that relate to problems in the Java Runtime
Environment (JRE) where several of the 47 flaws can be used by
an attacker to compromise a systems. Read the full article. [The H Security]


More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet, according to security researchers. Read the full article. [Security Central]

When a computer virus infection at a business allows thieves to steal tens of thousands of dollars from the company’s commercial banking account, banks typically don’t reimburse the victim company. But the truth is, most banks make that decision on a case-by-case basis. Take, for example, the case of two Umpqua Bank customers in Vancouver, Wash., both of which suffered major financial losses last year after compromises at employee computers allowed thieves to access their accounts remotely. Read the full article. [KrebsonSecurity]

By Magnus KalkuhlHave you ever found a false positive when uploading a file to a website like VirusTotal? Sometimes it happens that not just one scanner detects the file, but several. This leads to an absurd situation where every product which doesn’t detect this file automatically looks bad to users who don’t understand that it’s just false positives.

Google may have threatened to leave China in order to keep us all from concluding that “the cloud” can’t be secured. But isn’t that precisely what we should conclude based on the fact that Google chose to leave China? Read the full article. [Computerworld]

Social networking sites are ideal havens for online criminal activities as they provide a combination of two key factors: a huge number of users and a high-level of trust among these users, cautioned a security specialist. ZDNet Asia spoke to industry experts who highlight the top five security threats enterprises should be mindful about when using social networking sites. Read the full story [ZDNet]

Matthew Delorey of New Bedford, MA was arrested on wire fraud and conspiracy charges
relating to his sale of hacked cable modems modified to permit a user to hide his or her identity
and steal service from Internet service providers. Read the full statement. [FBI.gov]

According to researchers, cybercriminals are trying to
sell hacked Twitter user names and passwords online for hundreds of
dollars and as much as $1000. Read the full article. [Computerworld]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.