Home » Archive

Articles Archive for March 2011

MySQL Panel

An email to the Full Disclosure mailing list has indicated that the main MySQL.com website is vulnerable to a blind SQL injection vulnerability. The email from Jack Haxor contained database listings, password hashes, and other data.

An attacker attempting a blind …

This Connection is Untrusted

Web browsers will complain when they can not validate a SSL certificate. In the past, I’ve written about the untrusted connection warnings related to unknown certificate authorities and certificate mismatches. I’d like to cover one more scenario – the warning …

Internet Explorer Panel

This site gets a fair number of users that are still surfing the web with Microsoft Internet Explorer 6. We don’t have any indication why these site visitors are still using IE6. We can tell from the search strings that …

RSA logo

RSA has posted an open letter stating that they have fallen victim to an Advanced Persistent Threat. An APT is a continuous advanced attack against specified targets to collect secret information. In this particular instance, the attacker managed to …

Twitter Filler Panel

According to a recent blog post, Twitter has added a full time HTTPS setting to their service. The new setting will force the use of SSL for all pages rather than just during the login phase. The new HTTPS Only

Internet Explorer Panel

A post on the Google security blog has stated that the MHTML vulnerability is being actively exploited. The MHTML protocol, which is unique to Internet Explorer, allow  the browser to download multiple files in a single MIME encapsulated file. …

Internet Explorer Panel

Friends don’t let friends use Internet Explorer 6. That’s the message that Microsoft is trying to convey on their new IE6 countdown site. The 10 year old browser has fallen behind and is no longer consider to be a …

keyboard

Pwn2Own 2011 is quickly approaching. TippingPoint is offering $125,000 for successful exploits of the four major browsers and four cell phones. The browsers in the lineup this year include Internet Explorer, Safari, Firefox, and Chrome. The team to successfully hack each …