I Am Security

Category: Security Research

  • Widgets+Advertisements=?

    by

    iamit
    in ,

    Coincidence or just sheer luck, but I just happened to stumble upon this article announcing that Google has come up with a widget that serves advertisements, and quoting the source: “A variety of web technologies can be used to create the ad, including Flash and HTML to author it, and RSS, images, video, and audio…

  • Hitting the nail on the head

    by

    iamit
    in , ,

    When we here at the MCRC are publishing our quarterly trends reports (http://www.finjan.com/Content.aspx?id=827), we are always facing the possibility that what we have been working on and predicting that would become the next issue with web security, isn’t really going to happen. Fortunately, we keep getting great feedback from the community since we started the…

  • Vista Sidebar Vulnerability

    by

    iamit
    in ,

    Or how a contact may get too close for comfort… It’s finally here. August 14th, and we are finally in liberty to talk about the vulnerability in the Vista Sidebar Contacts Widget. As you may or may not know – when we presented “The Inherent Insecurity of Widgets and Gadgets” a few days ago at…

  • Malicious space on MySpace

    by

    iamit
    in ,

    Last Wednesday (June 13th), SecureBrowsing has alerted us on a “cute” MySpace profile being used as a malicious code attack vector. This is not the first catch by SecureBrowsing, but to see one on MySpace this late into 2007 was a bit of a surprise. We have been talking about the risks of Web2.0 in…

  • Have something to hide? make a lot of noise about it!

    by

    iamit
    in , ,

    There has been a lot of noise on the web over the past few days in regard to the MPack toolkit being used in the Italy region. Everyone has been talking about it vigorously: From the washington post, WebSense, TrendMicro, so eventually even Slashdot picked up on it. The interesting thing is, no one is…