Browse by Tags
All Tags » Technology » Incidents ( RSS)
-
|
I guess you read it as it was pretty wide-spread in the press in the last few days: On the Insecurity of Microsoft's Identity Metasystem CardSpace . Well, is there any official Microsoft reaction to it? No, not yet and if you look a little bit more...
|
-
|
We just published yesterday two new pieces of guidance for the latest SQL Injection attacks, which I want to make sure you saw it: Preventing SQL Injections in ASP SQL Injection Attack – which is a great piece of work pulling the different views of the...
|
-
|
I posted yesterday on the Safari flaw ( Why Apple has to fix the Safari flaw ) as Apple did not acknowledge that this is a security vulnerability. Unfortunately we had now to release an advisory for this as we started to see that the bad guys could use...
|
-
|
Well, there was quite some chatter over the last few weeks with regards to the massive defacements we saw based on SQL Injection Attacks. So, what was really new? Close to nothing. Well, this is not completely true. The new thing we have seen with these...
|
-
|
Remember me talking about Is Security Research Ethical? I made a statement in there when it comes to responsible disclosure of vulnerabilities: And then, what does the vendor do with it? Does the company act on it? Now, we can debate on what a vulnerability...
|
-
|
I was reading this article this morning Internet failure hits two continents and was thinking about my dependence on the Internet. Well, outch: I am used to get the information I need everywhere! Always! Now! And I am used that the Internet is just here...
|
|
|