Home » Archive

Articles Archive for March 2011

In Other News | Posted 27 Mar 2011 | Comments Off on MySQL.com Compromised | 2,459 views
MySQL Panel

An email to the Full Disclosure mailing list has indicated that the main MySQL.com website is vulnerable to a blind SQL injection vulnerability. The email from Jack Haxor contained database listings, password hashes, and other data.

An attacker attempting a blind …

Quick Tips | Posted 25 Mar 2011 | Comments Off on This Connection Is Untrusted – Part 2 | 1,725 views
This Connection is Untrusted

Web browsers will complain when they can not validate a SSL certificate. In the past, I’ve written about the untrusted connection warnings related to unknown certificate authorities and certificate mismatches. I’d like to cover one more scenario – the warning …

Communications | Posted 23 Mar 2011 | Comments Off on Still Using IE6? | 1,700 views
Internet Explorer Panel

This site gets a fair number of users that are still surfing the web with Microsoft Internet Explorer 6. We don’t have any indication why these site visitors are still using IE6. We can tell from the search strings that …

In Other News | Posted 19 Mar 2011 | Comments Off on RSA Falls To APT | 1,943 views
RSA logo

RSA has posted an open letter stating that they have fallen victim to an Advanced Persistent Threat. An APT is a continuous advanced attack against specified targets to collect secret information. In this particular instance, the attacker managed to …

Communications | Posted 15 Mar 2011 | Comments Off on Twitter Adds HTTPS Setting | 1,072 views
Twitter Filler Panel

According to a recent blog post, Twitter has added a full time HTTPS setting to their service. The new setting will force the use of SSL for all pages rather than just during the login phase. The new HTTPS Only

Defense In Depth | Posted 13 Mar 2011 | Comments Off on Targeted Attacks Use MHTML Exploit | 1,524 views
Internet Explorer Panel

A post on the Google security blog has stated that the MHTML vulnerability is being actively exploited. The MHTML protocol, which is unique to Internet Explorer, allow  the browser to download multiple files in a single MIME encapsulated file. …

In Other News | Posted 5 Mar 2011 | Comments Off on IE6 Countdown! | 991 views
Internet Explorer Panel

Friends don’t let friends use Internet Explorer 6. That’s the message that Microsoft is trying to convey on their new IE6 countdown site. The 10 year old browser has fallen behind and is no longer consider to be a …

In Other News | Posted 2 Mar 2011 | Comments Off on Get Ready for Pwn2Own 2011 | 1,171 views
keyboard

Pwn2Own 2011 is quickly approaching. TippingPoint is offering $125,000 for successful exploits of the four major browsers and four cell phones. The browsers in the lineup this year include Internet Explorer, Safari, Firefox, and Chrome. The team to successfully hack each …