The disclosure by Microsoft that they will disable license servers and eliminate the ability for MSN Music customers to listen to music purchased from the service on new computers drove the Electronic Frontier Foundation to cry foul.EFF Wonders About Digital
Internet service providers, Web site operators, and manufacturers of devices that are used by some to pirate content should play a part in stamping out that piracy, Sumner Redstone, chairman and controlling shareholder of both Viacom and CBS, said on
VMware says it's received a bad rap when it comes to security. The company's problems started with a 2006 presentation at the Black Hat security conference by Joanna Rutkowska, CEO of Invisible Things Lab. Ironically, Rutkowska's "Blue Pill" talk had
Starting Tuesday, there will be a few less Web sites popping up in Yahoo searches. That's because Yahoo plans to start filtering out malicious Web sites using McAfee's SiteAdvisor software, which warns Web surfers if they are about to visit
Ah, youth. Ready to take on the world, today's generation of dynamic, tech-immersed youngsters have grown up alongside the Internet. Firsthand, and sometimes single-handedly, they have advanced some of today's hottest technology trends, from peer-to-peer networking, to massively multiplayer online
LinuxSecurity.com: It was discovered that Cacti, a systems and services monitoring frontend, performed insufficient input sanitising, leading to cross site scripting and SQL injection being possible.
LinuxSecurity.com: It was discovered that start_kdeinit in KDE 3 did not properly sanitize its input. A local attacker could exploit this to send signals to other processes and cause a denial of service or possibly execute arbitrary code. (CVE-2008-1671)
LinuxSecurity.com: Roundup, an issue tracking system, fails to properly escape HTML input, allowing an attacker to inject client-side code (typically JavaScript) into a document that may be viewed in the victim's browser.
LinuxSecurity.com: It was discovered that Emacs did not account for precision when formatting integers. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly other unspecified actions. This issue
M.Hasran Addahroni has reported a vulnerability in Online Rental Property Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "pid" parameter in index.php is not properly sanitised before being used in SQL
Luigi Auriemma has reported a vulnerability in Call of Duty 4: Modern Warfare, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an input validation error when processing type
HP-UX has issued an update for Apache with PHP. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to bypass certain security restrictions, gain escalated privileges, or cause a DoS (Denial of Service).
Khashayar Fereidani has discovered a vulnerability in LifeType, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "newBlogUserName" parameter in admin.php is not properly sanitised before being returned to the user. This can
EgiX has discovered two vulnerabilities in DeluxeBB, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct SQL injection attacks. 1) Input passed to the "sort" parameter in forums.php is not properly
Notable headlines: Nate McFeters: Hacking NASA: One small step for man, one giant leap for hackers? Common misconceptions about database security Sapphire 2008: Dennis Howlett: The changing SAP culture Larry Dignan: SAP's Apotheker: Business ByDesign costs led...
Yes. Google's backing of oCERT is a major milestone in the history of open source. It's not that I have anything against the Computer Emergency Response Team at Carnegie-Mellon. They do important work, not only in identifying risks but in
PDP, the leader of the Gnucitizen White Hat Hacker outfit announced the opening of the House of Hackers social community yesterday. The House of Hackers is intended to enable its members to exchange ideas with each other, communicate, form groups,
LinuxSecurity.com: Configuring Samba for your office or home can provide many advantages. By encouraging users to store files on a central file server, you can simplify data backup and in some cases, software installation and maintenance.
