TechBlog

Pink Facebook? Red or black Facebook? No, it’s a scam you want to avoid. Share the knowledge with your friends! Credit to Norman Security for sharing 🙂

H-Security: Version 17 of Chrome has been released into the WebKit-based browser’s Beta channel. Its developers say that the new Chrome beta, version 17.0.963.26, is focused on improving two of the browser’s core principles: speed and security. To make Chrome “go even faster”, some web pages will start loading in the background before a user has even finished typing a URL into the Omnibox address and search bar. To reduce the time between a user pressing enter and the page being fully loaded, Chrome will pre-render some pages if the URL auto-completes to a site a user is likely to visit. According to Google Software Engineer Dominic Hamon, this will, in some cases, cause pages to appear “instantly”. ...

SophosLabs: Microsoft’s Ryan Gavin announced a new strategy to keep the web safe… Keep your Internet Explorer up to date. It is great news for Windows users who don’t appreciate the importance of staying up to date. Microsoft has been struggling with browser stragglers for years. They even ran their own campaign comparing IE 6 to spoiled milk including shameful infopr0n. Old versions of IE leave a considerable number of users vulnerable to old exploits, or in their parlance easy targets. ...

The H-Online: The first patches for the zero-day flaw in Adobe’s Acrobat and Reader applications, which the company confirmed was being exploited in the wild, have been released. The initial problem was caused by a memory corruption when processing Universal 3D (U3D) files, which could allow attackers to potentially take control of an affected system. The patches released also address a newly revealed critical flaw (CVE-2011-4369) which can cause memory corruption when processing Product Representation Compact (PRC) 3D files. ...

SophosLabs: Visa is investigating a potential security breach that may have compromised payment cards of Eastern Europeans. Although Visa hasn’t disclosed which countries were hit, the Romanian state-owned CEC Bank has blocked and reissued 17,000 cards on suspicion that they had been compromised. CEC Bank said in a statement that “a number” of cards issued by banks both in Romania and abroad might have been compromised via an international database. ...

Hi Folks! I would like to invite you to join my forum, its a small forum for now but by the time it will get better, feel free to join and express yourself in whatever you like, feel free to post whatever you like except advertisement, Thanks! 🙂 forum.omid.dev Thank you for joining in advance -Omid

Microsoft Malware Protection Center: Facebook malware attacks are not new. Scams spreading via status updates have been around for a long time, but in recent weeks one threat has been getting creative in terms of social engineering. Backdoor:Win32/Caphaw.A can intercept URL requests in both Firefox and Internet Explorer and it has been observed to post very personable updates on friends’ walls in Facebook, gaining access if the user is logged in. ...

Protect the Internet Help us stop the Internet Blacklist Legislation Mozilla: On November 16th, Congress holds hearings on the first American Internet censorship system. This bill can pass. If it does, the Internet and free speech will never be the same. Join us to stop this bill. Why? A few infringing links are enough to justify censoring an entire site, blocking good content along with the bad. ...

The Hacker News: Alexander Fuchs, A German Security Researcher Discover Persistent XSS Vulnerability in Official website of White House. “The petition system is vulnerable. Every Petition i start or join will execute my code. I could join all petitions and my code will be executed on all users who visit the petition system.” He said. Read full story in German: http://www.1337core.de/2011/die-whitehouse-gov-lol-petition/ The XSS Demo is here: https://wwws.whitehouse.gov/petitions/!/petition/security/WxgwM7DS Advisory: http://vulnerability-lab.com/get_content.php?id=308 What is XSS? http://en.wikipedia.org/wiki/Cross-site_scripting

mozillalinks.org: Do you need the forward button? Most likely yes, but it is rarely used compared to the back button, which is the single most used widget in any browser user interface. So it doesn’t make sense to keep it present at all times, stealing focus from its helpful neighbor. To address this, current Firefox nightlies feature the forward button as optional. If there is nowhere to go further, the button is hidden instead of just disabled as shown in the screenshot below. ...