Today's Question:  What does your personal desk look like?        GIVE A SHOUT

SEARCH KEYWORD -- Exploit



  30 minutes to fix Java vulnerability

On September 25, Adam Gowdiak from the Polish security consulting firm Security Explorations submitted a Java security vulnerability to Oracle and provided a proof-of-concept. The vulnerability exists in Java 5 6,7, once the user accesses hosted malware site, an attacker can remotely control the infected machine.Gowdiak later got in touch again with Oracle and got the response that the fix has reached the final stage. He can expect the patch in four months later. He eventually unbearable Oracle'...

   Java, Vulnerability,Fix     2012-10-29 11:53:43

  Haskell’s effect on my C++: exploit the type system

Like most programmers, I was attracted to Scheme by the promise that it would make me a better programmer. I came to appreciate the functional style, but swapped to Haskell, a more developed language with a rapidly developing standard library. Unfortunately, for me, Haskell can’t yet replace C++ on a day to day basis, so I reluctantly spend my days tapping away at C++. So, were the promises true? has functional programming made me a better programmer? Better is a tough question,...

   Haskell,C++,Type system,Comparison     2012-02-06 07:44:35

  8 very useful and free web security testing tools

With more pervasive of web applications, web security threats are becoming increasingly prominent. Hackers gain web server control by exploiting web server vulnerabilities and SQL injection vulnerabilities, then they may tamper with web content, or steal important internal data, the more serious is to inject malicious code into web pages to affect visitors of websites. Attention is gradually warming up to Web Application Security. Here we recommend eight very useful and free web security testing...

   Website, security,Web security,Attack     2012-07-22 10:59:09

  Oracle released an urgent Java patch

On March 23, Oracle just released an urgent Java patch which is out of its normal update schedule. The security vulnerability is related to the Java SE running in web browsers on desktops. The CVE ID for this issue is CVE-2016-0636. With the unpatched Java, attackers can remotely exploit the target system without username and credentials. Successful exploits can impact the availability, integrity, and confidentiality of the user's system. When the user access pages containing malicious code...

   JAVA,SECURITY,ORACLE,NEWS     2016-03-25 08:39:59

  Comex, the Hacker Behind JailbreakMe.com, Hired as Apple Intern

Comex, the hacker behind JailbreakMe.com, is joining Apple as an intern. JailbreakMe.com made it extremely easy for iOS users to jailbreak their devices simply by visiting a website. He announced the hiring on Twitter: It's been really, really fun, but it's also been a while and I've been getting bored. So, the week after next I will be starting an internship with Apple. Forbes unmasked Comex as Nicholas Allegra, a 19-year old Brown University student from Chappaqua, NY, by Forbes. In that arti...

   Apple,Comex,Jailbrealme,Intern,Leak,Hack     2011-08-26 02:35:57

  Why is programming unique profession

Why programming is unique profession - Presentation Transcript Introduction Some people says programming is difficult and for some others it is so easy. It not only depends on your capabilities, but your attitude for work. Programming is hard indeed, but not at all as difficult as life of a crook or joker who pretend, lie and act for living. Knowing what you do, life is going to be much more interesting and enjoyable for a programmer. You play with a dumb machine Computer is dumb machine. Unless...

   Programming,Unique profession,Reason     2011-07-22 23:55:09

  How to prevent next HeartBleed bug?

How to ensure the security of open source projects is a concern for many open source users including individual users and companies. But it's not an easy task to ensure the security of open source projects. Because everyone can see the source code, there is much higher possibility that a bug may be found by someone. Once a bug is disclosed, people may exploit it and do evil things, this may cause loss of money either for individuals or companies, some of the bugs may even have big impact to the...

   Open source,HeartBleed,Security     2014-04-24 09:07:05

  Flash Player sandboxing is coming to Firefox

Peleus here. In December of 2010, I wrote a blog post describing the first steps towards sandboxing Flash Player within Google Chrome. In the blog, I stated that the Flash Player team would explore bringing sandboxing technology to other browsers. We then spent 2011 buried deep within Adobe laying the groundwork for several new security innovations. Today, Adobe has launched a public beta of our new Flash Player sandbox (aka “Protected Mode”) for the Firefox browser....

   Flash,Sandbox,Google chrome     2012-02-07 06:16:57

  Avoiding and exploiting JavaScript's warts

One's sentiment toward JavaScript flips between elegance and disgust without transiting intermediate states. The key to seeing JavaScript as elegant is understanding its warts, and knowing how to avoid, work around or even exploit them. I adopted this avoid/fix/exploit approach after reading Doug Crockford's JavaScript: The Good Parts: Doug has a slightly different and more elaborate take on the bad parts and awful parts, so I'm sharing my perspective on the four issues that ha...

   JavaScript,warts,Exploit,with,variable,this     2012-02-15 05:51:21

  How to harness company’s resource?

As an employee, it is no doubt that we should spare no effort to contribute to your employer since it pays us salary. But at the same time, we should also consider how to utilise the company's resource to enrich ourselves. After all, only if we become more competent and brilliant, the company can benefit more from us, and this will be a definitely win-win situation. In this post, I will illuminate how to take advantage of company's "hardware" and "software" resource. (1) “Ha...

       2017-08-11 05:18:07