Google announced via its Official Gmail Blog the support of TIFF and PowerPoint files in their Gmail application. PDF files were already supported for a while. For a few months, PDF files have been hit by several security issues and recently, a zero-day exploit targeted PowerPoint files. Why not use
Tag: Website
How a Buffer Overflow Works
Seen on blog.wired.com, a very good explanation about a buffer overflow attack (a very common method to compromise a system or application): blog.wired.com/27bstroke6/2009/03/conficker-how-a.html.
Unsafe Customer Data!
I received the following e-mail yesterday. It came from a Belgian e-commerce website. It’s a company active in a very specific outdoor activity (no name here, but if there are other customers reading my blog, they will for sure recognize the format). The customer base is restricted (but international). Sorry
Sorry, We Are Closed!
WTF! I just tried to buy some movie tickets @ Kinepolis. I received the message below. Since when are e-commerce websites closed like regular stores?
Search the Internet in a Safe Way
Most search engines are well-known to log your IP address when you perform a search request via their services. For each request, personal information is saved (IP address, timestamps, clicked results) and re-used later to build your “profile”. Why? First, to propose more accurate results when you use the search
Databases Protection with GreenSQL
Today, the majority of websites offer dynamic content to visitors. All information is stored in back-end databases and processed live. A classic infrastructure is based on LAMP (Linux, Apache, MySQL, PHP). Unfortunately, “database” also means a broader attack surface. And risks are multiple: SQL injections, data leak, data alteration or
You Asked the Webmaster? Hold the Line Please…
A few days ago, I accidentally discovered a security flaw in a public forum dedicated to a well-known security software solution. No “high-level” attack but something really dumb. During the registration process, I pasted a wrong string in the registration page. My clipboard still contained some basic HTML tags. All
PaulDotCom Goes TV (again)
Big fan of PaulDotCom for a long time, I listen to the Security Weekly podcast every week in my car (that’s the positive side of traffic jams in the morning ;-) They also broadcast videos for a long time but the last episode was posted in May 2008. They are
Strange Spam via Google Docs
During the last 24 hours, I started to receive a lot of spam messages based on Google Docs. The e-mails look like: From: <random address> To: <me> Subject: Monthly Payments Keep Rising. If you are one of the many homeowners whose payments are high and home values are low, or
Protect Your WordPress Blog Using a “Sabre”
I hope it’s not the same for you, but I saw a dramatic increase in false registrations on my blog for a few days (spambots). I decided to take action and search for a solution. WordPress is a blogging system which can be extended by plugins. After some investigations, I