By Mark Joseph Edwards, 09/09/2009
Microsoft unleashed a series of critical security patches during its September software update cycle.
By Mark Joseph Edwards, 09/09/2009
Time to upgrade your Wordpress sites. A vulnerability in versions prior to 2.8.4 could let the bad guys reset passwords. And there's a nasty worm infiltrating sites based on an ...
By Mark Joseph Edwards, 08/13/2009
If you don't have SSL available to transmit data via HTTP you can still help protect that data during transit using a little jQuery magic.
By Mark Joseph Edwards, 08/12/2009
Since Twitter is so hugely popular it makes sense that someone would create a tool to help protect users from malicious URLs within the posts at the site.
By Mark Joseph Edwards, 08/12/2009
Ever heard of Flash cookies? They're often used to track your activity. And sometimes even if you delete them they reappear.
By Mark Joseph Edwards, 07/23/2009
University of Washington researchers have a created a way to automate encryption key expiration, which means data can become inaccessible over a given period of time.
By Mark Joseph Edwards, 07/23/2009
By now you've heard the news that Google will eventually release an operating system called Chrome OS. There's no big surprise there. But the future of desktops might become ...
By Mark Joseph Edwards, 07/13/2009
It appears that Firefox will gain some much-needed Content Security Policy (CSP) that will help defend against XSS attacks, Clickjacking, and packet sniffing.
By Mark Joseph Edwards, 07/08/2009
SANS reports (via CSIS in Denmark) that a new 0-day exploit against Microsoft DirectShow is loose on the net.
By Mark Joseph Edwards, 07/08/2009
Kon-Boot looks like a very interesting tool since it can get you into a system without having to logon first.
By Mark Joseph Edwards, 07/08/2009
It looks like the popular milw0rm site has gone offline - possibly never to return.
By Mark Joseph Edwards, 07/01/2009
Wireshark 1.2.0 is out. The new version of this popular packet sniffer includes many new features, including GeoIP integration, a 64-bit Windows installer, and more.
By Mark Joseph Edwards, 07/01/2009
Finjan released SecureBrowsing, which is a browser extension than scan Web pages in realtime to detect potentially malicious content.
By Mark Joseph Edwards, 07/01/2009
Some registrars use wildcard DNS systems to redirect users to their own sites when a DNS lookup fails, which can occur in a variety of circumstances. ICANN's Security and ...
By Mark Joseph Edwards, 06/17/2009
Someone discovered a way to sniff sites from your browser history without using Javascript. Instead it uses an iframe that loads a server-side PHP script to do all the heavy ...
By Mark Joseph Edwards, 06/17/2009
Jonathan Zdziarski's hour-long presentation regarding iPhone Forensics is now online at YouTube.
By Mark Joseph Edwards, 06/17/2009
Webmail is inherently insecure for several different reasons - one of which being that without SSL your correspondence is easily sniffed and possibly even stored in your browser's ...
By Mark Joseph Edwards, 06/11/2009
Google released some statistics that reveal the top 10 malware sites in the world according to their site scanning research. You might want to blacklist all of them.
By Mark Joseph Edwards, 06/10/2009
Last week I mentioned StrongWebMail - a company that claimed they offer the strongest Web mail on the planet. That claim was proven false when a team of researchers bypassed ...
By Mark Joseph Edwards, 06/10/2009
Firefox users were up in arms over a Microsoft .NET extension that was silently installed without direct user approval. The extension was a bit tedious to remove for some people. ...