Using EV Certificates OverStock.com Sees Less Shopping Cart Abandonment

 ( 658 days 14 hours ago)

(Source: Verisign) Overstock.com deployed the VeriSign Secured Seal and VeriSign Extended Validation SSL Certificates to further enhance customers' confidence when transacting on its Web site. As a result of the enhancement, site visitors with browsers that support the new certificate now abandon their shopping cart 8.6% less than other site visitors.

The Latest Advancements in SSL Technology

 ( 658 days 14 hours ago)

(Source: Verisign) Protect your site with SSL from VeriSign to ensure your company and customers are secure. Learn how to get the strongest SSL encryption and increase customer confidence with Extended Validation (EV) SSL Certificates, which trigger the green address bar in high security browsers, allowing your customers to feel safe online.

SQL in Archimede Net 2000 "E-Guest_show.php"

 ( 658 days 14 hours ago)

Discovery by: Sw33t h4cK3r Powered by: Archimede Net 2000 Exploit : )

LightBlog Remote File Upload Vulnerability

 ( 658 days 14 hours ago)

LightBlog 9.5 - REMOTE FILE UPLOAD VULNERABILITY by Omni 1) Infos Date : 2008-01-30 Product : LightBlog Version : v 9.5 Vendor : Vendor Status : 2008-01-31 Informed! 2008-01-31 Patch received from vendor! 2008-02-01 Published! ...

Elaborate gear-based con foiled by alert employee

 ( 658 days 18 hours ago)

A elaborate Swedish bank-heist scheme involving remotely controlled gear was foiled by an eagle-eyed employee who saw a mouse pointer moving when it shouldn't.

[ MDVSA-2008:031 ] -

 ( 658 days 18 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:031 Package : xdg-utils Date : February 1, 2008 Affected: 2007.1, 2008.0 Problem Description: A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is ...

LiveCart XSS vulnerability fixed since version 1.1.0

 ( 658 days 18 hours ago)

This issue has been resolved since version 1.1.0:

[ MDVSA-2008:030 ] - Updated pcre packages fix vulnerability

 ( 658 days 18 hours ago)

Mandriva Linux Security Advisory MDVSA-2008:030 Package : pcre Date : January 31, 2008 Affected: Corporate 3.0, Multi Network Firewall 2.0 Problem Description: Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular ...

Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] -

 ( 658 days 19 hours ago)

LinuxSecurity.com: A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is tricked into trying to open a maliciously crafted URL. The updated packages have been patched to prevent the issue.

Mandriva: Updated pcre packages fix vulnerability

 ( 658 days 19 hours ago)

LinuxSecurity.com: Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application. Updated packages have been patched to prevent this issue.

Ubuntu: PulseAudio vulnerability

 ( 658 days 19 hours ago)

LinuxSecurity.com: It was discovered that PulseAudio did not properly drop privileges when running as a daemon. Local users may be able to exploit this and gain privileges. The default Ubuntu configuration is not affected.

Mandriva: Updated ruby packages fix possible

 ( 658 days 19 hours ago)

LinuxSecurity.com: Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet, Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a possible man-in-the-middle attack, when using SSL, due to a missing check of the CN (common name) attribute in SSL certificates against the server's hostname. The updated packages have been patched to prevent the issue.

Visa adds to its list of payment apps that improperly store card data

 ( 659 days 1 hour ago)

The credit card company has put three more vendors on a list of payment applications that fully store magnetic-stripe data, according to a copy of the list posted online against Visa's wishes.