Apple App Store was vulnerable for more than Half year

A Google developer helps Apple to fixed a security flaw in its application store that for years has allowed attackers to steal passwords and install unwanted or extremely expensive applications. Security loophole allowed attacker to hijack the connection, because Apple neglected to use encryption...

CRIME : New SSL/TLS attack for Hijacking HTTPS Sessions

Two security researchers claim to have developed a new attack that can decrypt session cookies from HTTPS Hypertext Transfer Protocol Secure connections. From the security researchers who created and demonstrated the BEAST Browser Exploit Against SSL/TLS tool for breaking SSL/TLS encryption comes...

[SECURITY] Fedora 15 Update: mozilla-https-everywhere-2.0.3-2.fc15

HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to...

[SECURITY] Fedora 16 Update: mozilla-https-everywhere-2.0.3-2.fc16

HTTPS Everywhere is a Firefox extension produced as a collaboration between The Tor Project and the Electronic Frontier Foundation. It encrypts your communications with a number of major websites. Many sites on the web offer some limited support for encryption over HTTPS, but make it difficult to...

Your Android Phone is Spying On You, Use custom ROM To Protect your Privacy

Your Android Phone is Spying On You, Use custom ROM To Protect your Privacy In this digital age, privacy is more important than ever. Just because you "don't have anything to hide," does not mean that you shouldn't value your privacy or fight for it when companies do things like this, especially...

DroidSheep Android App Hijacks Sessions in One Click, Developer Meant Well

Following the success of the Firesheep application, a new Android application called DroidSheep allows users to hijack Web sessions of popular online services over insecure Wifi connections. DroidSheep enables Android-based man in the middle attacks against a wide range of Web sites, including...

Facebook Used Social Authentication To Shield Tunisian Protesters

Faced with the Tunisian government’s efforts to hack the Facebook accounts of protesters, Facebook’s security team stepped up its use of social authentication to help secure protester’s accounts. A new account of the role of the Facebook in aiding widespread protests against the regime in Tunisia...

Debian Security Advisory DSA 1468-1 (tomcat5.5)

The remote host is missing an update to tomcat5.5 announced via advisory DSA 1468-1. OpenVAS Vulnerability Test $Id: deb14681.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1468-1 tomcat5.5 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1468-1 : tomcat5.5 - several vulnerabilities

Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-0128 Olaf Kock discovered that HTTPS encryption was insufficiently enforced for single-sign-on cookies, which...

DSA-1468-1 tomcat5.5

Bulletin has no description...