Security Alerts & News
by Tymoteusz A. Góral

History
#2016 The attack of the alerts and the zombie script
In our previous post we found a way to UXSS (bypass the SOP policy) using the htmlFile/ActiveXObject, however, I mentioned that there were other interesting things to do using that same object. Have you tried anything? If yes, congratulations. The only way to find bugs is by trying, and today we are going to explore another interesting thing that can be done with the same ActiveXObject.
Read more
#2018 OpenSSL update fixes high-severity DoS vulnerability
#2017 Firefox users fingerprinted via cached intermediate HTTPS certificates
#2016 The attack of the alerts and the zombie script
#2015 Hacks all the time. Engineers recently found Yahoo systems remained compromised
#2014 CryptoMix: Avast adds a new free decryption tool to its collection
#2013 Microsoft Security Bulletin MS17-005 - Critical
#2012 Java and Python FTP attacks can punch holes through firewalls
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12