Date: 07/19/06 (Security)    Keywords: security

Fixes glitches in delivery and installation of an update sent out last week in its monthly security bulletin.

Source: http://news.zdnet.com/2100-1009_22-6096179.html

Date: 07/20/06 (Java Web)    Keywords: security, web, spyware, microsoft

Millions of visitors to Myspace.com and other web sites have been infected with spyware by a banner advertisement according to iDefense, a Verisign company. iDefense, an Internet security company owned by Verisign, said the spyware infects unpatched versions of Windows using a security flaw in the way the operating system and Microsoft Internet Explorer open Windows [...]

Source: http://blog.taragana.com/index.php/archive/myspace-banner-ad-spreads-spyware/

Date: 07/22/06 (Java Web)    Keywords: security

Biometric security systems using fingerprints, iris scans and facial recognition have started to become mainstream. They are very likely to be common within a few years. And as soon as biometrics system will begin to be used to protect bank accounts or financial systems, crooks will start looking at ways of breaking into them. Biometric [...]

Source: http://blog.taragana.com/index.php/archive/beware-of-biometric-spoofing/

Date: 07/24/06 (Security)    Keywords: security

Partnership, slated to be announced on Tuesday, will include new security products.

Source: http://news.zdnet.com/2100-1009_22-6097849.html

Date: 07/24/06 (Security)    Keywords: security

Commentary--iPolicy Networks' Arun Chandra says managed network security services can deliver protection that fits the needs of your organization.

Source: http://news.zdnet.com/2100-1009_22-6097696.html

Date: 07/25/06 (Security)    Keywords: security

In a second report on Windows Vista security, Symantec concludes the Windows XP successor is prone to privilege-escalation attacks.

Source: http://news.zdnet.com/2100-1009_22-6097976.html

Date: 07/25/06 (Security)    Keywords: security, microsoft, google

Companies unveil joint consumer Internet security service that will help them compete against rivals such as Google, Microsoft.

Source: http://news.zdnet.com/2100-1009_22-6097994.html

Date: 07/26/06 (Computer Geeks)    Keywords: security

I'm building a home server (with a 350G Western Digital HD), and want to know which is better:

-Installing the operating system in the 350G hard drive,
-Partitioning off reserved space for the OS (and add another partition for data),
-Or giving the OS its own smaller hard drive (for security)?

Much with the thanking~

Source: http://community.livejournal.com/computergeeks/955341.html

Date: 07/26/06 (Security)    Keywords: security

New Trojan installs itself as Firefox extension, according to a security advisory by McAfee.

Source: http://news.zdnet.com/2100-1009_22-6098615.html

Date: 07/26/06 (Security)    Keywords: security

Still tackling costs related to its Veritas acquisition, the security company sees a drop in income--but not as much as analysts expected.

Source: http://news.zdnet.com/2100-1009_22-6098902.html

Date: 07/27/06 (Security)    Keywords: software, security

Second-quarter results at the security software maker are preliminary as review of grants process is still underway.

Source: http://news.zdnet.com/2100-1009_22-6099443.html

Date: 07/28/06 (Security)    Keywords: software, security, web

Security has become a no-brainer for desktop software, but the same doesn't hold true for the booming world of Web applications.

Source: http://news.zdnet.com/2100-1009_22-6099228.html

Date: 07/29/06 (Security)    Keywords: java, security, web

JavaScript is playing a major role in the Web 2.0 boom, but increased use of the scripting language is raising security questions.

Source: http://news.zdnet.com/2100-1009_22-6100019.html

Date: 07/29/06 (Web Development)    Keywords: security, web

Any problems with using error_log with parameter 1 (email) that I should be aware of? I just discovered it while researching something else and would like to abuse the hell out of it for production website. It would be nice to suppress all error messages and instead have them piped to a dedicated email address.

Other question... security. Any recommended reads, blogs, notes, what not on the subject? And I mean anything and everything.

Source: http://community.livejournal.com/webdev/338825.html

Date: 07/29/06 (PHP Community)    Keywords: mysql, sql, security, web

Any problems with using error_log with parameter 1 (email) that I should be aware of? I just discovered it while researching something else and would like to abuse the hell out of it for production website. It would be nice to suppress all error messages and instead have them piped to a dedicated email address.

Other question... security. Any recommended reads, blogs, notes, what not on the subject? And I mean anything and everything.


Also, turns out I mistakingly posted this to another community by accident, so to save time... this is what I mean by error_log()

$link = mysql_connect("www.myServer.com","myAccount","password");
if($link == false)
{
$errMsg = "SITE: www.myServer.com\n";
$errMsg .= __FILE__ . "@" . __LINE__ ."\n";
$errMsg .= "Detail: Unable to connect to mysql server\n";
$errMsg .= "mysql_error: " . mysql_error() . "\n";
error_log($errMsg, 1, "errMsg@myOtherServer.com");
//then die or skip rest of script
}


And while I am on the subject, is there anything equivalent to c/c++ #define.  I really miss that and it would come in handy with something like the above code.

Source: http://community.livejournal.com/php/477454.html

Date: 07/30/06 (PHP Community)    Keywords: security

Hello,

Thanks for all the help on my last post. I have another question for everyone. When you have directories that have universal read/write/execute access, what kind of security precautions do you take, if any, on those directories?

Thanks!
-AJ

Source: http://community.livejournal.com/php/478066.html

Date: 07/31/06 (Java Web)    Keywords: security

WordPress 2.0.4 is available for download. This release contains several important security fixes, so it’s recommended upgrade for all users. Over 50 bug fixes have been made in this release including the widely discussed privilege escalation security vulnerability in plugins. Upgrading means overwriting your old files in every directory, except wp-content, with the latest from the [...]

Source: http://blog.taragana.com/index.php/archive/wordpress-204-security-update-released/

Date: 07/31/06 (Security)    Keywords: security, virus

According to security vendor Cybertrust, a new type of virus is programmed to delete itself before it gets caught.

Source: http://news.zdnet.com/2100-1009_22-6100172.html

Date: 07/31/06 (Open Source)    Keywords: software, asp, security, web

Fortify Software, which identifies and remediates software vulnerabilities, has contributed its collection of 115 types of software security errors to the Open Web Application Security Project (OWASP), a six-year old non-profit with almost 5,000 members whose “mission is to find and fight the causes of insecure software.” The work will become part of OWASP's Honeycomb [...]

Source: http://blogs.zdnet.com/open-source/?p=728

Date: 08/01/06 (Security)    Keywords: software, technology, security, microsoft

Updated security products based on Falcon technology are designed to rival Symantec and Microsoft software.

Source: http://news.zdnet.com/2100-1009_22-6101020.html