Microsoft has activated its security response process to deal with the release of a exploit code targeting an unpatched vulnerability affecting IIS 5.0 through 6.0.
The company released a formal pre-patch advisory to acknowledge the vulnerability and offer mitigation guidance for customers.
Microsoft is investigating new public reports of a possible vulnerability in Microsoft Internet Information [...]
It took only a week for the researchers at SourceSec to find a flaw in the CAPTCHA implementation of D-Link’s recently introduced CAPTCHA in its routers, originally aimed to prevent DNS changing malware from automatically achieving its objective.
According to SourceSec, the flawed implementation allows an attacker/malware to retrieve the router’s WPA passphrase with user-level access [...]
How secret are in fact the ’secret questions’ used for resetting forgotten passwords? Not so secret after all, according to a just published study entitled “It’s no secret: Measuring the security and reliability of authentication via ’secret’ questions” according to which 17% of the study’s participants were not only able to answer the ’secret questions’ [...]
