A US Air Force security training exercise which created a false buzz about the filming of Transformers 3 succeeded in creating awareness of phishing issues, but went a little further than was expected.…
View full post on The Register – Security
A widely used proxy service thought to provide anonymous Web surfing and used to skirt network administrator bans on access to sites like Facebook frequently reveals sensitive information about its users, according to a Swiss security researcher.
Glype is a small bit of PHP code that routes requests for Web pages through other Web pages running its software, said the researcher, who runs the Swiss Security Blog and the Zeus Tracker project. He prefers to remain anonymous.
View full post on Security Central – Infoworld
Microsoft published KB article #983438 late yesterday, with details about a XSS vulnerability within a SharePoint site. This vulnerability may be used to elevate privileges in Sharepoint. SharePoint Services 3.0 and SharePoint 2007 are affected.
Microsoft notes that the vulnerability is harder to exploit if Internet Explorer 8′s built in XSS filter is used by administrators of the site. Another action that may help to mitigate the problem is to restrict access to the vulnerable Help.aspx file. With SharePoint using httponly cookies, the impact of the vulnerability is somewhat limited.
[1] http://www.microsoft.com/technet/security/advisory/983438.mspx
[2] http://blogs.technet.com/srd/archive/2010/04/29/sharepoint-xss-issue.aspx
——
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
View full post on SANS Internet Storm Center, InfoCON: green
Product Description
The Cisco Catalyst 3560 Series is a line of fixed-configuration, enterprise-class switches that include IEEE 802.3af and Cisco prestandard Power over Ethernet (PoE) functionality in Fast Ethernet and Gigabit Ethernet con… More >>
A majority of U.S. citizens are unaware of how their online data is stored and who secures it, according to a Business Software Alliance (BSA) survey. Approximately one in five U.S. citizens said they…
View full post on Help Net Security – News