Previous
OpenOffice password crack is open to abuse
News Paul Wood, senior analyst at email security vendor MessageLabs, said that it opened a possible attack vector from disgruntled employees. One attack vector is if a rogue employee has access to file-share password-protected documents.
[April 23, 2007, 17:39]
Microsoft's February security bulletins
News Microsoft has tested multiple workarounds for this attack vector, but they involve editing the registry. Microsoft has rated it critical because a successful exploit would permit a remote attacker to take complete control of a vulnerable system...
[February 21, 2006, 13:30]
Microsoft launches Internet Explorer 8
News Microsoft also says it has tackled the issue of cross-site scripting, which refers to a browser attack vector that uses compromised web sites. Using this vector, malicious code injection in a website can allow a browser session to be hijacked...
[March 19, 2009, 3:00]
Microsoft leaves Word flaws unpatched
News The vulnerability lies in a Windows component called "vgx.dll" that is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web.
[January 10, 2007, 8:52]
Shady sites exploit another IE flaw
News This component is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web. This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based...
[September 20, 2006, 10:40]
Infection began with a windscreen flyer
Blog Comment "I've never heard of windscreens as an attack vector. No - its usually just Windows *boom* *boom*
[February 5, 2009, 13:32]
The Sky IS Falling: The Need for Stronger Consumer Online Banking Authentication
White Papers Classic phishing depends on e-mail as the "Attack vector," the method to gain access to individuals' computers. This paper says that the newer attack techniques are of a different kind than classic phishing and require different defenses.
[June 24, 2009, 16:02]
VeriSign: Major Internet security update by 2011
News When fully and properly implemented, DNSSEC stops cache poisoning and closes a significant attack vector. VeriSign has said that a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical...
[November 16, 2009, 4:00]
Facebook evolves into an attack tool for criminals
News As Facebook evolves from a University alumini network into an enterprise tool, VeriSign iDefense security experts are warning that the platform is turning into a prime attack vector for cybercriminals.
[July 30, 2007, 8:18]
The Anatomy of Cross Site Scripting
White Papers They are unique in that, rather than attacking a server directly, they use a vulnerable server as a vector to attack a client. Many documents discuss the actual insertion of HTML into a vulnerable script, but stop short of explaining the full...
[February 21, 2005, 23:00]
Microsoft lifts the bonnet on XP SP2
Talkback Quietly introduce yet another attack vector (I'll let the more astute amongst us find that particular gem in the above article). So, all in all: Prevent users from being fucking stupid. Implement yet another set features that are trivial on any...
[July 31, 2004, 16:54]
Windows attack code made public
News The attack code exploits a flaw in the way Windows handles Vector Markup Language, or VML, documents, which are used for a type of high-quality graphic on the web. However, attack code hadn't been available publicly.
[January 17, 2007, 7:48]
Phone phishing attack hits US
News Basically they're taking a social engineering attack vector with a lot of users," Paul added. Criminals have launched a blended attack which attempts to lure users to a malicious Web site via text message.
[June 23, 2006, 17:05]
Nuclear Attack!
Downloads The game uses a 3d vector graphic style very similar to the Atari vector titles of the early 80s. Nuclear Attack! is a simple shooting game with a classic arcade feel. Your objective is to shoot out specific buildings in a primitive cityscape from...
[December 31, 2005, 7:00]
OS X under attack
News The worm uses a Bluetooth attack vector (input validation vulnerability) to spread. Is it a Big Mac attack? I never did buy into the theory that Apple's software was immune to malware or significant vulnerabilities - I've always figured that...
[March 1, 2006, 12:55]
Microsoft Security Bulletin MS03-041
Downloads The risk of attack from the HTML email vector can be significantly reduced if the following conditions are met: You have applied the patch included with Microsoft Security bulletin MS03-040 You are using Internet Explorer 6 or later You are using...
[October 16, 2003, 8:00]
JavaScript attack maps secure networks
News SPI Dynamics deserves credit for a clever attack vector and a solid demonstration of the issue. Security researchers have found a way to use JavaScript to map a home or corporate network and attack connected servers or devices, such as printers or...
[July 31, 2006, 9:00]
Flaw lets malicious Web pages attack Windows
News The email vector is only a threat with an older version of Outlook," said Iain Mulholland, security program manager for Microsoft's security response centre. Second, exploiting such flaws through Web pages requires that the person under attack...
[March 20, 2003, 8:21]
Top 10 Threats to SME Data Security
White Papers It also suggests practical techniques and defenses to counter each vector. Because subscribers are time-constrained, over-worked IT professionals, it alerted only when it knows an attack is not merely feasible, but likely.
[September 2, 2009, 1:22]
IE users brace for attack
News The most probable vector for this worm will be in the form of spam with malicious links that will tempt users into clicking on a link that takes them to a malicious Web site. Once the computer is infected, an attacker could take control of the...
[March 24, 2006, 10:10]
