1. VeriSign plans divestiture of many businesses

    Date: 11/14/07 (Security)    Keywords: security, web

    As part of overhaul, company will focus on Web-site naming, online security while it sells off units ranging from billing services to consulting. VeriSign, which runs the infrastructure that directs most of the world's Internet traffic, said on Wednesday it plans to divest several businesses and focus on...

    Source: http://news.zdnet.com/2100-9588_22-6218409.html

  2. Hacker finds 492,000 unprotected Oracle, SQL database servers

    Date: 11/14/07 (Data Management)    Keywords: software, database, sql, security, microsoft

    A survey by renowned database hacker David Litchfield has found a whopping 492,000 Microsoft SQL and Oracle database servers directly accessible to the Internet without firewall protection. Litchfield (right), co-founder of Next Generation Security Software, ran port scans against 1,160,000 random IP addresses -- TCP port 1433...

    Source: http://blogs.zdnet.com/security/?p=663

  3. 'Lust, Caution' spawns viruses

    Date: 11/19/07 (Security)    Keywords: security, virus

    Several hundred sites offering free downloads of Ang Lee's steamy spy thriller are embedded with viruses, Chinese security company says. A Chinese security company has warned against free downloads of Ang Lee's steamy spy thriller, Lust, Caution, saying several hundred sites offering the movie were embedded with viruses....

    Source: http://news.zdnet.com/2100-1009_22-6219272.html

  4. Mainsoft solves SharePoint trap

    Date: 11/19/07 (Open Source)    Keywords: security, web

    The key to success was using the Web Services Interface of SharePoint to move data across to Websphere, while using the Websphere portal's security structure for a single sign-on, mapping the two credentials.

    Source: http://feeds.feedburner.com/~r/zdnet/open-source/~3/187338388/

  5. Targeted e-mail attacks spoof DOJ, business group

    Date: 11/20/07 (Security)    Keywords: security

    Security expert says latest attacks part of an escalating problem. Availability of toolkits, rise of social networks are making it easier for phishers. Images: Customized e-mail attacks Security experts warned this week of two separate e-mail attacks launched Monday that take aim at specific individuals within corporations....

    Source: http://news.zdnet.com/2100-1009_22-6219559.html

  6. Militants seen educated in online training camps

    Date: 11/21/07 (Security)    Keywords: security

    Internet security expert says an al-Qaida site, for example, shows how to use weapons, carry out a kidnapping, and make bombs. The Internet has become a key teaching tool for Islamist militants who are using it to educate recruits in Internet training camps, crime and security experts said...

    Source: http://news.zdnet.com/2100-1009_22-6219727.html

  7. Israel launches antihijack pilot ID system

    Date: 11/21/07 (Security)    Keywords: security

    Trial run of pilot-authentication system planned for next month; experts note limitations of approach. Israeli authorities plan to issue a new antihijack identification system to incoming aircraft that they say is foolproof, but some experts are not convinced it will plug all the security holes on the horizon....

    Source: http://news.zdnet.com/2100-1009_22-6219690.html

  8. an endless loop of Csharp.Frustration[s]

    Date: 11/22/07 (Web Development)    Keywords: database, asp, security, web, shopping

    Hi all,

    I'll write my C# frustrations here...Note that this is for an assignment, so there is no need to worry about security issues and all those other wonderful things. I would ask my professor, but he's a programmer...and he's horrible at getting his thoughts across.

    I created a web form that allows users to choose a certain amount of a product they want, and afterwards, it all gets confirmed and a message shows up saying the conversion was completed (even though it wasn't...not yet anyway)

    Please note that I am NOT looking for code answers just to copy and paste. I would like the theory of how I should go about solving this - since most websites just give you a basic understanding of how try/catch works.

    Problem 1: How do I implement the "try", "catch", "finally" exception if a user picks the same product and quantity twice? I already have an if-statement that keeps track of what has been chosen in the user's session. Would the try/catch go into that if-statement?

    Problem 2: What if the user decides to first order 3 items of a product, then decides to order more? How would I input this into the "try", "catch", "finally"? I have an if-statement that keeps track of whether the quantity has been "trimmed" or not.

    Problem 3: Do I need a database connection command in that particular web page to determine how much of a product has been chosen and how much is available to other users?

    Problem 4: Confirmation e-mail. I understand the whole idea of "using System.Net;" for email, but how would I go about implementing code to get an e-mail application started? (This problem/question is seperate from the code below)


    Here's my code for the different problems 1 - 3:




    protected void btnOrder_Click(object sender, EventArgs e)
    {
    //Check for Shoppingcart object
    // Create first if not there

    if (Session["cart"] == null)
    {
    Session["cart"] = new ShoppingCart();
    int quantity = 0;
    }

    // make sure there is text
    if (txtQuantity.Text.Trim().Length != 0)
    {
    // try to convert text to int ???
    int quantity = int.Parse(txtQuantity.Text);
    // check for this item in the cart
    // Note this only makes sense if the "cart" exists
    // since it checks for an individual item in the cart
    if (((ShoppingCart)Session["cart"]).
    keyExists(int.Parse(TextBox1.Text)))
    {
    //throw new Exception("Item already in cart - fix this");

    Response.Write("Item already exists in cart. What do you want to do?");
    // Message to user that product is already in the order


    ///AND this is where my problems start:
    /*try
    {

    Response.Write("Item already exists, what do you want to do?");
    }

    catch (ArgumentException de)
    {
    ShoppingCart;
    }

    finally
    {
    Console.WriteLine("Finally Block");
    }
    * */
    ///END of one set of problems (sorry for intending issues)

    }
    if ((txtQuantity.Text.Trim().Length != 0)) // This is a new item
    {
    //Response.Write("Please choose the quantity");
    OrderItem item = new OrderItem(
    int.Parse(TextBox1.Text), TextBox2.Text,
    double.Parse(TextBox6.Text),
    int.Parse(txtQuantity.Text));
    ((ShoppingCart)Session["cart"]).addToCart(item);
    Response.Write("Item added successfully!");
    Server.Transfer("CatalogDisplay.aspx");

    }
    else
    {
    // Make the item
    OrderItem item = new OrderItem(
    int.Parse(TextBox1.Text), TextBox2.Text,
    double.Parse(TextBox6.Text),
    int.Parse(txtQuantity.Text));
    // add to cart
    ((ShoppingCart)Session["cart"]).addToCart(item);

    ///////////////////////////////not sure what the next part does

    // How to make this work ??
    // Who is the sender ?
    // What are the System.EventArgs ?
    this.btnReturn_Click(sender, e);

    //////////end of "not sure"
    }
    else
    {
    //Basically if the quantity field is empty, you can't move on to the Order page.
    Response.Write("Nothing Ordered
    You must order some of the product or return to the Catalog");
    }



    Database reference: Northwind.mdb

    Source: http://community.livejournal.com/webdev/449890.html

  9. Mission for James Bond's Q: Seek venture capital

    Date: 11/26/07 (Security)    Keywords: security

    Global Security Challenge gives start-ups the chance to show off their real-life technologies Bond might find helpful. "Now pay attention, 007!" In the James Bond novels and films, it fell to technical expert Q to invent the gizmos and cunningly concealed weapons that helped the British spy...

    Source: http://news.zdnet.com/2100-9595_22-6220072.html

  10. Top 7 security trends for 2008

    Date: 11/28/07 (Security)    Keywords: security, spam

    Sentrigo CTO Slavik Markovich predicts more top-down driven initiatives to plug real security gaps based on threats from insiders and hackers alike. Commentary--2008 will be marked by strides in more coherent, enterprise-wide IT security policy enforcement. In addition to battling with security threats such as data security, anti-spam and...

    Source: http://news.zdnet.com/2424-9595_22-177880.html

  11. DomDocument->Load() & DomDocument->Save()

    Date: 11/28/07 (PHP Community)    Keywords: xml, security

    I need in Load and Save of XML-documents on disk.
    I use DomDocument for work with them.

    And I’m interesting, what about shared access security?
    Does DomDocument do flock() for reading/writing files?

    Or will it better if I read and write XML-files by myself and do LoadXML()/SaveXML()?

    Source: http://community.livejournal.com/php/599416.html

  12. Study: 'Huge jump' in Microsoft flaws since last year

    Date: 11/29/07 (Security)    Keywords: software, security, microsoft

    The number of security holes found in Microsoft software between 2006 and 2007 has risen threefold, says vulnerability-scanning company Qualys. The past year has seen a massive increase in the number of flaws found in Microsoft software, according to vulnerability-scanning company Qualys. Between 2006 and...

    Source: http://news.zdnet.com/2424-9595_22-178018.html

  13. World faces 'cyber cold war' threat, report says

    Date: 11/29/07 (Security)    Keywords: security

    About 120 countries are trying to use the Net as a weapon to target financial markets, government computers, and utilities, McAfee says. A "cyber cold war" waged over the world's computers threatens to become one of the biggest threats to security in the next decade, according to a...

    Source: http://news.zdnet.com/2100-1009_22-6220619.html

  14. Study: 'Huge jump' in Microsoft flaws since last year

    Date: 11/29/07 (Security)    Keywords: software, security, microsoft

    The number of security holes found in Microsoft software between 2006 and 2007 has risen threefold, says vulnerability-scanning company Qualys. The past year has seen a massive increase in the number of flaws found in Microsoft software, according to vulnerability-scanning company Qualys. Between 2006 and 2007, there...

    Source: http://news.zdnet.com/2100-1009_22-6220719.html

  15. Microsoft launches Exchange Server 2007 SP1

    Date: 12/01/07 (Security)    Keywords: security, web, microsoft

    New features should improve management, add support for Windows Server 2008, and lead to better mobile security, says Microsoft. Microsoft on Friday launched Service Pack 1 for Windows Exchange Server 2007. Features include additions to the Exchange management console, Outlook web access and disaster recovery. Disaster recovery...

    Source: http://news.zdnet.com/2100-9584_22-6220993.html

  16. Firefox Users - News

    Date: 12/02/07 (Computer Help)    Keywords: software, browser, security, web

    November 30, 2007 9:21 PM PST

    Firefox churns to version 2.0.0.11

     

    Mozilla's bug-munching mascot

    (Credit: Mozilla)

    Mozilla on Friday released the third update to Firefox this month, version 2.0.0.11, to fix a stability problem in the previous version.

    "We strongly recommend that all Firefox users upgrade to this latest release," a post on the Firefox developer blog said.

    The open-source Web browser update arrived swiftly after version 2.0.0.8, released October 18, version 2.0.0.9 from November 1, and version 2.0.0.10 from November 26. Which explains why I'm getting a lot of software update messages from my Web browser.

    Version 2.0.0.10 broke a feature that lets images be displayed with special effects such as rotated pictures and image reflections, according to Mozilla's bug-tracking site. The problem was fixed within a day and distributed within five, but not before some whose sites were affected by the bug had voiced frustration.

    "Customers are complaining because their Firefox automatically updated to 2.0.0.10 and now they can no longer order photo prints in our shop. I think this is a very serious problem and I hope it will be fixed immediately in a 2.0.0.11 update," a post by Klaus Reimer said.

    In an indirect response, Firefox coder Nick Thomas pointed to mailing lists that people can use to test their sites with imminent new Firefox versions. Thomas also said that the five-day turnaround is "the fastest turnaround between Firefox releases to date."

    As long as the Mozilla coders are stamping out bugs, one that's annoyed me has become more prominent of late because it shows up when I install a Firefox update.

    When I restore my Firefox browser sessions upon rebooting my computer, it's impossible to get rid of the "You've been updated to the latest version of Firefox" page. Even if I close that tab, it comes back later, so I have to start with a clean browsing slate to make it go away. It's not a stability or security problem, but it's not a credit to what is a notably influential project.

    Mozilla released the first beta version of Firefox 3, called Gran Paradiso, less than two weeks ago. The second Firefox 3 beta should be done in "late December" if all goes well, according to another Mozilla developer blog post Friday.

    Source: http://community.livejournal.com/computer_help/846038.html

  17. Securing Microsoft: From pain to progress

    Date: 12/03/07 (Security)    Keywords: security, microsoft

    Here's part I of a three part special report that examines how Microsoft's security strategy has evolved over the past decade. Slammer and Blaster caused the darkest days at Microsoft. REDMOND, Wash.--With a measure of pain, Matt Thomlinson recalls the summer of 2003. "I remember buses pulling up...

    Source: http://news.zdnet.com/2424-9595_22-178522.html

  18. Apple QuickTime exploit in the wild

    Date: 12/03/07 (Security)    Keywords: security, web

    An active exploit has been seen by Symantec for a vulnerability that affects the latest versions of Apple QuickTime. Symantec has found active exploit code in the wild for an unpatched Apple QuickTime vulnerability. Researcher Joji Hamada wrote in Symantec's Security Response Weblog on Saturday that the...

    Source: http://news.zdnet.com/2100-1009_22-6221098.html

  19. Shorter URLs help phishers hook more victims

    Date: 12/03/07 (Security)    Keywords: security

    Cybercriminals are shrinking host names of malicious sites to lend them an air of legitimacy, according to security researchers. Phishers are using shorter URLs for malicious sites in a bid to lend an air of legitimacy to threatening links. Internet Security Services, IBM's online-security division, claims to...

    Source: http://news.zdnet.com/2100-1009_22-6221092.html

  20. Preventing SQL Injection

    Date: 12/04/07 (PHP Community)    Keywords: php, mysql, sql, security

    I've been trying to understand, SQL Injection ... and reading this.
    http://www.phpbuilder.com/columns/ProPHPSecurity_excerpt_part3.php3



          $sql = "INSERT INTO table
      (unit1, unit2, unit3, unit4)
        VALUES
      (\"$value1\", \"$value2\", \"$value3\", \"$value4\")
		";
        mysql_query($sql,$conn) or die(" Error 1: ".mysql_error());


    This is my standard update query. Being new to PHP, and even less knowledgeable of MySQL what makes that string open to attack?

    Source: http://community.livejournal.com/php/601327.html

Previous page  ||  Next page
Search  •  Site Map  •  Set as Homepage  •  Add to Favourites  • 
antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home