Quantcast

Don't have an account? Register Now! Forgot password?

Maximum IT
NewsTwitter Users Hope Cure for Mikeyy Worm Lasts

Over Easter weekend, Twitter users were besieged by the Mikeyy worm

Over Easter weekend, many Twitter fans were getting worms instead of finding Easter Eggs, as the developer of a rival microblogging site (StalkDaily), one 17-year-old Michael "Mikeyy" Mooney, was busy drawing Twitter users to his site through infected links and Twitter profiles. According to PCWorld and the Twitter status page, the infection has now been brought under control. But inquiring minds want to know, "what happened?" and "how can we stop a future attack?" 

Doing a Google search for "Mikeyy" or "TwitterWorm" isn't the best way to find out, though, as the F-Secure security blog points out that fake news sites are being used to infect curious searchers with (unrelated) malware. To get the real scoop, join us after the jump.

Read More

NewsXSS Vulnerabilities at AmEx Website

AmEx website has XSS vulnerabilities, The Register reports

Before you drop in on the American Express website to see how much damage you did to your credit line with holiday shopping, you should know it's vulnerable to an XSS (cross-site scripting) exploit. As The Register reports, this news comes after a bungled attempt to fix the problem. As El Reg puts it,

The cross-site scripting (XSS) error that makes it trivial for attackers to steal americanexpress.com user's authentication cookies is alive and kicking. The confusion stems from a mistake made by many application developers who incorrectly assume that the root cause of a vulnerability is closed as soon as a particular exploit no longer works.

So far, only proof-of-concept exploits have been written to show how easy it would be to pilfer login credentials, but until AmEx really eradicates this problem, keep a careful eye on your website transactions. For a list of precautions you can take to stop XSS exploits, see our 2007 article.

Have you been victimized by an XSS error? Join us after the jump and sound off.  

Read More

NewsIE Climbs Into the "It's Not a Bug, It's a Feature" Browser Doghouse with Unpatched GIF Vulnerability

XSS vulnerability attacks IE

According to Kapersky Labs analyst Roel Schouwenberg, GIF files can include embedded JavaScript, and under certain circumstances, can be used to launch a cross-site-scripting (XSS) attack. Internet Explorer's vulnerable to this threat, and at least one web site's already been affected.

To find out how long Redmond's known about this problem, and how another browser vendor set Microsoft an example in how to deal with a reported vulnerability, join us after the jump.

Read More

COMMENTS 0
FROM THE ARCHIVEVista Security Features Finally Getting Some Respect

While Windows Vista often takes a beating 'round these parts for problems with speed and compatibility with older software, its improved security features are helping make video playback and web browsing more secure. Find out how.

Read More

COMMENTS 2
TAGS  XSS, QuickTime, IE8
NewsBrowser Wars, Part II

Find out who's king of the browser rendering sweepstakes, and which browser-come-lately has an "impossible" end-user license agreement - not to mention a couple of serious security flaws.

Read More

NewsLeaky Addons Make for Big Security Risks for Firefox Users

Find out why your favorite Firefox add-ons can leave your system crying "Don't Chrome Me, Bro!" - and how to protect yourself.

Read More

NewsFake Microsoft Update Email Can Ruin Your Evening - Stop It Now!

You know that Microsoft never sends out email messages with links to Microsoft Update or Windows Update. Do your friends, family and co-workers know that? If they don't - be prepared to mop up the mess.

Read More

FROM THE ARCHIVEGoogle's in the XSS Crosshairs - and So Are You

Googling your way around the Internet? Watch out - cross site scripting (XSS) makes Google and other sites less safe than you think.

Read More

This Month's Issue
FEATURE Windows XP/Vista/7 Tips!FEATURE Monitor Roundup: 7 LCDs ReviewedHOW TOMaster PhotoshopFEATUREAMD's Awesome New GPUWHITE PAPEROrganic LEDs