TechWeb | News | IE And Firefox Sport New Zero-day Flaw

Multiple security organizations warned Tuesday that Internet Explorer, Firefox, Mozilla, and SeaMonkey -- on Windows, Linux, and the Mac -- are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information such as credit card or bank account numbers and passwords.

According to Symantec, which issued an alert late afternoon Tuesday, all versions of the Microsoft and Mozilla browsers could be used to harvest data through a JavaScript key-filtering vulnerability.

'This issue is triggered by utilizing JavaScript 'OnKeyDown' events to capture and duplicate keystrokes from users,' went the Symantec warning.

The bug would let crafty criminals filter keystrokes entered into a form, say a credit card form to pay for online goods, to an invisible file upload dialog on the same Web page. Once the information's trapped in that hidden dialog -- the vulnerability discoverer used the analogy of the keystrokes 'bouncing' from the legit (or at least legitimate-looking form) to the cloaked one -- the data could be sent to the attacker."

Comments

US says world safer, despite 11,000 attacks in '05

The U.S. war on terrorism has made the world safer, the State Department's counterterrorism chief said on Friday, despite more than 11,000 terrorist attacks worldwide last year that killed 14,600 people. The U.S. State Department said the numbers, listed in its annual Country Reports on Terrorism released on Friday, were based on a broader definition of terrorism and could not be compared to the 3,129 international attacks listed the previous year. But the new 2005 figures, which showed attacks in Iraq jumped and accounted for about a third of the world's total, may fuel criticism of the Bush administration's assertion that it is winning the fight against terrorism. Asked if the world was safer than the previous year, U.S. State Department Counterterrorism Coordinator Henry Crumpton told a news conference, "I think so. But I think that (if) you look at the ups and downs of this battle, it's going to take us a long time to win this. You can't measure this month ...

Al-Qaeda number two in new video

Al-Qaeda's number two Ayman al-Zawahiri has appeared in a video saying that Iraqi insurgents have "broken the back" of the US military. He praised "martyrdom operations" carried out by al-Qaeda in Iraq in the video, posted on an Islamist website. And he called on the people and army of Pakistan to fight against President Musharraf's administration. This is the third message from prominent al-Qaeda leaders to emerge within a week. A tape from Osama Bin Laden was broadcast on 23 April, followed two days later by a message from Iraqi insurgent Abu Musab al-Zarqawi. Pakistan focus Zawahiri, who wore a black turban and a white robe in the video, described the leaders of Egypt, Jordan, Saudi Arabia and Iraq as traitors, and urged Muslims to "confront them". He praised Iraqi militants, saying that the US, Britain and allies had "achieved nothing but losses, disasters and misfortunes" in Iraq. "Al-Qaeda in Iraq alone has carried out 800 ma...

Does light have mass?

The short answer is "no", but it is a qualified "no" because there are odd ways of interpreting the question which could justify the answer "yes". Light is composed of photons so we could ask if the photon has mass. The answer is then definitely "no": The photon is a massless particle. According to theory it has energy and momentum but no mass and this is confirmed by experiment to within strict limits. Even before it was known that light is composed of photons it was known that light carries momentum and will exert a pressure on a surface. This is not evidence that it has mass since momentum can exist without mass. [ For details see the Physics FAQ article What is the mass of the photon? ]. Sometimes people like to say that the photon does have mass because a photon has energy E = hf where h is Planck's constant and f is the frequency of the photon. Energy, they say, is equivalent to mass according to Einstein's famous formula E = m...

exinfo88

Search This Blog