your source for security, BSD, open source and programming.
The Mozilla Security Blog has an article A Glimpse Into the Future of Browser Security that the CSF feature is now available in preview builds of Firefox.
Content Security Policy is intentended to mitigate against the web application vulnerabilites XSS and CSRF which increased considerabely over the last few years …
One of the few security portals hosting exploits, 0days and other vulnerabilities has closed it's doors. The guy behind Milw0rm, called str0ke, said he wasn't able to handle the sent in exploits and emails in an acceptible timeframe. All vulnerabilities were reviewed by him before it went online.
Because of …
OpenEAV, the free and open antivirus system for the enterprise is watching out for a talented and experienced C++/QT programmer with good knowledge of the STL and the Boost library. The client gui needs to be designed, implemented and must fit well around OpenEAV's core api.
Everyone who feels …
Symantec reports that most of their av products have a security issue in conjunction with prepared archive files. These could bypass the virus scanner because the file format is not correct but the operating system is still able to etract the files.
Also Frisk (F-Prot), Norman and Ikarus published updates …
Secunia, well known for their vulnerability research and vuln announcements, has released the Secunia 2008 Report as pdf.
The report shows that they release more advisories per year and 0-day vulnerabilities felt back to the 2006-level for decreasing about 40 percent. Also very interesting was the comparison of browser security …
