Google-owned online malware scanner VirusTotal this week announced the availability of sandbox execution for Mac OS X apps.
Tag Archives: Web Security
LinkedIn Fixes Persistent XSS Vulnerability
LinkedIn fixed a persistent cross site scripting vulnerability in its site this week that could have spread a worm on the service’s help forums.
Carnegie Mellon Says It Was Subpoenaed-And Not Paid-For Research On Breaking Tor
Carnegie Mellon University implied in a statement that it received a subpoena requesting its research on breaking Tor hidden services, and also implied it was not paid $1 million for the work as alleged by the Tor Project.
Inside the Conficker-Infected Police Body Cameras
A Florida integrator who discovered the Conficker worm lurking in body cameras meant for police use takes Threatpost inside the story, including a frustrating disclosure with a disbelieving manufacturer.
Adobe Pushes Hotfix for ColdFusion
Adobe patched vulnerabilities in ColdFusion, LiveCycle Data Services and Premiere Clip for iOS.
Patched Libpng Vulnerabilities Have Limited Scope
Most applications, including Firefox, are not vulnerable to a pair of memory corruption vulnerabilities patched in the libpng PNG reference library.
Attackers Can Use SAP to Bridge Corporate, Operational ICS Networks
Research presented during Black Hat Europe demonstrates how attackers can abuse business applications connected to ICS and SCADA gear.
One BadBarcode Spoils Whole Bunch
At PacSec 2015, researchers demonstrated attacks using poisoned barcodes scanned by numerous keyboard wedge barcode scanners to open a shell on a machine and virtually type control commands.
One BadBarcode Spoils Whole Bunch
At PacSec 2015, researchers demonstrated attacks using poisoned barcodes scanned by numerous keyboard wedge barcode scanners to open a shell on a machine and virtually type control commands.
Tor: FBI Paid CMU $1 Million to De-Anonymize Users
The Tor Project accuses the FBI of paying Carnegie Mellon University $1 million to attack Tor hidden services and uncloak users of the anonymity network.