facebook

If an attacker can entice a user to visit an attacker controlled web page, the vulnerable ActiveX control could be invoked to download an attacker-modified package.

According to Apple's advisory accompanying the patch, the actual vulnerability was not in the Safari browser but in the way ATS (Apple Type Services) handles certain fonts.

The attacks occurred mostly on WordPress blogs hosted by Network Solutions but it appears that there are multiple security weaknesses in play.

The flaw occurs because the Java-Plugin Browser is running "javaws.exe" without validating command-line parameters.

Adobe is suggesting that users configure its PDF Reader product to limit the damage from an attack.

I received this mail:

Subject of mail is catchy and anyone can get diverted to it.at a first look url also seems to be coming from facebook but in fact it is not.
look at the highlighted url.thats the original url.so beware of it.

As everyone probably knows, Facebooks sourcecode has leaked. Facebook is sending out letters to everyone to stop publishing it's source code. I guess it's a little late for that. Everyone who knows Google can find it back. But I guess the problems doesn't stop there. It seems that they run a very old thttpd server, namely version 1.0. While it is a cool and tiny server, I would not run it. Just ask Google. Now, there is a tiny unnoticed lesson in this because the same happened to del.icio.us once. Imagine your server spits out PHP files as plain text.  read more »