Home » Archive

Articles Archive for March 2011

An email to the Full Disclosure mailing list has indicated that the main MySQL.com website is vulnerable to a blind SQL injection vulnerability. The email from Jack Haxor contained database listings, password hashes, and other data.

An attacker attempting a blind …

Web browsers will complain when they can not validate a SSL certificate. In the past, I’ve written about the untrusted connection warnings related to unknown certificate authorities and certificate mismatches. I’d like to cover one more scenario – the warning …

This site gets a fair number of users that are still surfing the web with Microsoft Internet Explorer 6. We don’t have any indication why these site visitors are still using IE6. We can tell from the search strings that …

RSA has posted an open letter stating that they have fallen victim to an Advanced Persistent Threat. An APT is a continuous advanced attack against specified targets to collect secret information. In this particular instance, the attacker managed to …

According to a recent blog post, Twitter has added a full time HTTPS setting to their service. The new setting will force the use of SSL for all pages rather than just during the login phase. The new HTTPS Only

A post on the Google security blog has stated that the MHTML vulnerability is being actively exploited. The MHTML protocol, which is unique to Internet Explorer, allow  the browser to download multiple files in a single MIME encapsulated file. …

Friends don’t let friends use Internet Explorer 6. That’s the message that Microsoft is trying to convey on their new IE6 countdown site. The 10 year old browser has fallen behind and is no longer consider to be a …

Pwn2Own 2011 is quickly approaching. TippingPoint is offering $125,000 for successful exploits of the four major browsers and four cell phones. The browsers in the lineup this year include Internet Explorer, Safari, Firefox, and Chrome. The team to successfully hack each …