Lisa Vaas

Mozilla, on Sept. 19, ditched the ability to run arbitrary script from the Firefox command line, a quick fix for a year-old QuickTime bug that could be used to take over user systems. Security researcher Petko D. Petkov on Sept. 12 posted proof-of-concept code showing that the low-risk, year-old QuickTime bug could easily be turned […]

A security researcher has outlined six easy steps to exploit an Internet Explorer flaw to steal a Second Life members log-in credentials and hijack their virtual persona simply by tricking the victim into visiting a rigged Web page. The researcher, Petko D. Petkov—aka pdp—initially said hed rate the issue as medium risk unless the victim […]

Not surprising: In the first half of 2007, Microsoft was the top vendor when it came to publicly disclosed vulnerabilities. Likely surprising to some: Apple got second place. IBM Internet Security Systems X-Force R&D team released its 2007 report on cyber attacks on Sept. 17, revealing that the top five vulnerable vendors accounted for 12.6 […]

Widgets—those fun, graphic little applications that bring things like clocks and calculators to your desktop—are all plagued with lousy security and stand ready to unleash the next wave of malware onto users systems, according to new research. The security holes in these applications already have opened up: Microsofts MS07-048 advisory, put out on Augusts Patch […]

Brokerage powerhouse TD Ameritrade revealed on Sept. 14 that cyber-crooks have infiltrated its database of 6.3 million customers and have been sending targeted spam to stolen e-mail addresses. The companys voice mail is featuring a message from CEO Joe Moglia reassuring callers that no Social Security numbers have been accessed, although a spokeswoman told eWEEK […]

The Web site for the U.S. Consulate General in St. Petersburg, Russia, was broken into and was serving up malicious iFrames earlier the week of Sept. 10, according to security researchers. After trying to load a malicious iFrame onto victims systems from a remote server, the iFrame then attempted to silently load even more malware, […]

A researcher has shown that a low-risk, year-old QuickTime bug can easily be turned into a high-risk attack on Firefox, Internet Explorer, Skype and other programs. The researcher, Petko D. Petkov—aka pdp—on Sept. 12 posted proof-of-concept code showing how QuickTime media formats can be used to get into Firefox, leading to full browser compromise and […]

An exploit that attacks a critical Microsoft Agent vulnerability was published less than 24 hours after Microsoft released a relevant security advisory in its Sept. 11 Patch Tuesday set of releases. The security advisory for Microsoft Agent, MS07-051, was the only critical release out of four security advisories. It addresses a vulnerability whereby the Microsoft […]

The Great Firewall of China is no firewall after all. The Peoples Republic of China has no firewall perched on its routers to enable censors to block Internet sites. Rather, the authoritarian regime relies on a far more sophisticated censorship system that uses a keyword blacklist and routers that reach deep into Internet traffic to […]

Program to Aid Registry of First Responders”> An unknown number of first responders were lost in the Marriott Hotel concourse when the South Tower collapsed at 9:58:59 a.m. on Sept. 11, 2001. Scores of first responders died in the North Tower when it collapsed at 10:28:25 a.m. More than 300 first responders were lost in […]