CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail

Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. The company said on...

Malicious URLs Pose Mobile Hijacking Risk

The security of mobile devices may be at risk for Web borne attacks because of loose policies for processing URLs Uniform Resource Locators, according to a report by security researcher Nitesh Dhajani. Writing on the SANS Application Security Blog, Dhanjani said that that way the iPhone’s operati...

Firesheep – Social Network Session Stealing/Hijacking Tool

A huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on. Stealing sessions/passwords and so on is something we've been able to do for a LONG time using...

Week in Security: Toorcon and SecTor Wrap-up, Bugs and Stuxnet Stances

Autumn conferences grabbed the headlines this week as presentations at the Toorcon Conference in San Diego and SecTor in Toronto wrapped up October, with revelations about the vulnerability of social networking sessions and critical infrastructure headlining. In San Diego, talks at Toorcon came...

ToorCon: New Apps, Old Infrastructure Make Toxic Brew

In a variety of ways, experts at this weekend’s ToorCon Conference warned that the tidal wave of new devices and Web based services is straining an already aging Internet infrastructure, with privacy and security as the first victims. Call it the ‘schizophrenia of now’: a tidal wave of new...

Plugin, FireSheep, Lays Open Web 2.0 Insecurity

HED: New Tool, FireSheep, Lays Open Web 2.0 Insecurity DEK: The Browser Plug In Offers One Click Session Hijacking for Popular Social Networking Apps. Creators call for better session security. It’s no secret that Web sessions that use the bare HTTP protocol to transmit and receive data are...

ToorCon

San Diego, California, U.S. Southern California’s premiere hacking event, ToorCon is in its 12th year, after being launched by San Diego area 2600 user group members David Hulton aka h1kari and Ben Greenberg in 1999. No industry event, ToorCon is for serious security practitioners, offering...

CNN iReport: ToorCon Hacker Conference

At the ToorCon San Diego conference, a CNN iReporter talks with security professionals about basic security issues and then see Marty Morrow escape from handcuffs without a key!...

CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

CVE-2006-5160

Technical details about CVE-2006-5160 are not publicly provided in the supplied documents; the records cite unspecified vulnerabilities in Mozilla Firefox with dispute from vendor/researchers. Monitor for updates.

CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

CVE-2006-5160

Multiple unspecified vulnerabilities in Mozilla Firefox have unspecified vectors and impact, as claimed during ToorCon 2006. NOTE: the vendor and original researchers have released a follow-up comment disputing this issue, in which one researcher states that "I have no undisclosed Firefox...

[Full-disclosure] 0day in Firefox from ToorCon '06

CNet is writing about some 0day vulnerabilities in Firefox that were demonstrated at ToorCon '06 by Mischa Spiegelmock and Andrew Wbeelsoi: http://news.zdnet.com/2100-100922-6121608.html Mischa and Andrew also claim to have found about 30 0day vulnerabilities in Firefox. The article mention that...