A new Perspective on Firefox security

Patches from Novell, Debian Myspace Cracker Steals Firefox Passwords Researcher Web sites to access bank accounts, and other interesting reading

Novell's iPrint open to attack, say researchers
Attackers can exploit bugs in Novell's iPrint application to obtain corporate information or hijack computers, security experts said this week. Novell has issued a patch that plugs multiple holes in the ActiveX control that Novell ships as part of its iPrint product, but according to Danish bug tracker Secunia, one of the flaws remains unfixed.

Novell advisory

Secunia advisory
**********

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Novell's iPrint open to attack, say researchers
Attackers can exploit bugs in Novell's iPrint application to obtain corporate information or hijack computers, security experts said this week. Novell has issued a patch that plugs multiple holes in the ActiveX control that Novell ships as part of its iPrint product, but according to Danish bug tracker Secunia, one of the flaws remains unfixed.

Novell advisory

Secunia advisory
**********

Two new updates from Debian:

libTIFF (denial of service, code execution)

libxml2 (denial of service)
**********

Today's malware news:

Western Union MTCN #2989115571
Fake airplane tickets, greetings cards and credit card receipts. There's plenty of ZIPped trojans being spammed around. The one that's being seeded right now claims to be a bounced Western Union money transfer. F-Secure, 08/28/2008.

Myspace Cracker Steals Firefox Passwords
A "Myspace Cracking tool" has recently come to light, but it's after only one thing: Your personal details. The SpywareGuide Greynets Blog, 08/26/2008.
**********

From the interesting reading department:

Researcher Web sites to access bank accounts
Posting seemingly innocuous information - like a mother's maiden name or a pet's name - could help a crook access personal data stored by banks, financial services firms and other companies. Computerworld, 08/25/2008.

Podcast: Perspectives puts new look on Firefox security
Much has been made of Firefox 3.0's handling of self-signed SSL certificates this week. Coincidently, a team of researchers at Carnegie Mellon Univeristy released a new Firefox Add-On designed to deal with this very issue and help make Firefox more secure. David Anderson, assistant professor of computer science at CMU, talks about the Perspectives plug-in and how it can make your Firefox browsing experience a little more secure. Network World, 08/28/2008.

Article: Mozilla Firefox browser gets security boost

Locked iPhones can be unlocked without a password
Private information stored in Apple's iPhone and protected by a lock code can be accessed by anyone with just a few button presses. IDG News Service, 08/27/2008.

Malware infects space station laptops
Malware has managed to get off the planet and onto the International Space Station (ISS), NASA confirmed today. And it's not the first time that a worm or virus has stowed away on a trip into orbit. Computerworld, 08/27/2008.

Call out a phisher, get attacked by malware
Users tired of phishing attacks who retaliate by talking back are being targeted with exploits designed to hijack their computers, a security researcher said Tuesday. Computerworld, 08/26/2008.

Cyber-threat environment becoming increasingly severe
Today's cyber-threat environment is increasingly severe, compounded by the emergence of new types of attacks. Computerworld, 08/26/2008.

Keeping smartphones from becoming a security threat
My company is considering purchasing new smartphones for all employees and I am concerned about the implications of what this means for tracking our sensitive data. What are the special challenges of protecting data in an increasingly mobile workforce, and how can I meet my data protection goals? Network World, 08/25/2008.

Read more about security in Network World's Security section.