The U.S. Computer Emergency Readiness Team (US-CERT), the Internet security watchdog, released a security alert on Friday warning of a flaw in Microsoft's Internet Explorer which allows attackers to run programs on a user's computer.
The flaw is in IE's cross-domain security model, which keeps frame content from different sources separate. This means that attackers could run programs and view files using the privileges of the user running IE.
Jabber, the streaming XML technology mainly used for instant messaging, is well-suited to its most common task. However, Jabber is a far more generic tool. It's not a chat server per se, but rather a complete XML routing framework. This has some pretty far-reaching implications.
Every network device on your network has some type of logging capability. Switches and routers are extremely proficient in logging network events. Your organization's security policy should specify some level of logging for all network devices.
A KEY OPEN source tool used by developers to track and manage changes in computer code has six security glitches and counting.
Concurrent Versions System (CVS) is used to manage code on a number of top open source software development projects.
Discovered by German security firm E-matters, the six holes could enable remote attackers to launch denial of service attacks or run malicious code on systems hosting vulnerable versions of CVS.
The very idea of a wireless network introduces multiple venues for attack and penetration that are either much more difficult or completely impossible to execute with a standard, wired network. Wireless networks only know the boundaries of their own signal: streets, parks, nearby buildings, and cars all offer a virtual "port" into your wireless network.