45 posts categorized "Tal Be'ery"

February 20, 2013

Oracle has released its Critical Patch Update, which is focused on fixing a major Java exploit. Java vulnerabilities are clearly on the rise. Currently, they represent more than 10 percent of all reported vulnerabilities this...Read More
Share:
  • Tags:
  • Permalink
  • Comments (1)

December 18, 2012

Yesterday, the Iranian CERT made an announcement about a new piece of malware that was designed to corrupt data. This malware joins the list of data corruption malware discovered in April, November and December 2012...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

December 17, 2012

Our anti-antivirus study got a lot of attention (you could say it went viral). Most interestingly, people called our methodology “flawed.” While our report acknowledged the limitations of our methodology, we believe that, fundamentally, the...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

December 06, 2012

A new attack makes some password cracking faster, easier than ever. A researcher has devised a method that reduces the time and resources required to crack passwords that are protected by the SHA1 cryptographic algorithm....Read More
Share:
  • Tags:
  • Permalink
  • Comments (3)

October 17, 2012

Recently, US banks were warned about automated attacks coming from Havij, a SQL injection attack tool. While we've blogged on stopping SQL injection in the past, it is a topic always worth revisiting. First, let's...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

October 11, 2012

Firefox is leaking URLs data across domain, by not restricting javascript’s “location” method. How does it work? A “proof of concept” exploit for the vulnerability exists (for more, check this out). A user browses to...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

September 10, 2012

Great perspective from our own Tal Be'ery on managing Java vulnerabilities.Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

July 23, 2012

Forbes is reporting that gaming website Gamigo was breached. The article notes: When this breach originally happened, the data wasn’t released, so it wasn’t a big concern. Now eight million email addresses and passwords have...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

July 12, 2012

Yahoo! Voices was breached. This application is an online publishing application that was developed by Associated Content and later acquired by Yahoo!. It allows consumers to share information on any topic, such as planning a...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)

June 21, 2012

Great column by Imperva's Tal Be'ery explaining why the LinkedIn breach exceeds 6.5M users. The fun bits: In the RockYou password breach , which now serves as the gold standard for passwords study, it was...Read More
Share:
  • Tags:
  • Permalink
  • Comments (0)