Sean Michael Kerner

A common capability on many Web server and content management platforms is the ability to perform Remote File Inclusions (RFIs), which allow users to simply upload an image or a file. Yet RFIs might well be the most pervasive threat on the Web today, according to new research published by cloud security firm Incapsula. Incapsula […]

As expected, Microsoft is out today with its monthly Patch Tuesday release for August, delivering fixes for a total of 23 vulnerabilities, spread across eight security bulletins, three of which are rated as being critical. Among the critical fixes are a pair of vulnerabilities that were first privately disclosed to Microsoft at the Hewlett-Packard Zero […]

Members of the open-source Fedora Linux Project gathered at the new Flock conference in Charleston, S.C., from Aug. 9 to 12 to discuss the future of their Linux distribution. It’s a future that could see Fedora take a new path forward that will see the distribution evolve from a general-purpose open-source operating system to a […]

Over the last three years, Google has paid out over $2 million as part of its Chromium and Google Web Vulnerability Programs. In my opinion, those programs have done much more than just secure Google and its direct users—it has helped improve the security of the Web for us all. Back in February 2010, I […]

Mozilla has delivered the beta version of its open-source Firefox 24 browser to provide developers and early adopters with a preview of technologies that will be generally available for consumers next month. The Firefox 24 Beta release follows hot on the heels of last week’s release of the Firefox 23 browser, which includes new security […]

For the last 10 years, the Pirate Bay Torrent search site has thumbed its nose at legal authorities around the world, making copyright-protected applications, games and movies available via its site. It’s an effort that the Pirate Bay is aiming to continue even in places where the site is blocked by ISPs and governments. While […]

Since the dawn of the Web era, one technology has steadfastly dominated as the world’s most popular Web server. That technology is the open-source Apache Web Server, commonly referred to simply as “Apache.” Internet research and security services firm Netcraft is now reporting that across the nearly 717 million Websites it has surveyed this month, […]

The chill that Americans continue to feel from the fallout over revelations related to National Security Agency surveillance of online activities is extending down the spine today as not one, but two encrypted email services are shutting down. Lavabit, an encrypted email service that allegedly counted NSA leaker Ed Snowden among its userbase, is suspending […]

The HP TippingPoint Zero Day Initiative (ZDI) sits at a very opportune place in the modern IT security threat ecosystem. Instead of just waiting to discover threats, ZDI buys security vulnerabilities from researchers in an effort to help secure both HP customers and the broader industry. Sitting at the top of ZDI for the last […]

Single sign-on (SSO) mechanisms offer the promise of users having a single credential (the sign-on) in order to log into multiple sites and services. When it comes to the Web, there are multiple sources of identity to power SSO, and open-source browser vendor Mozilla wants to be one of them. Mozilla launched its BrowserID effort […]