attack

Microsoft today issued an emergency patch for a vulnerability in its ASP.Net framework that could be used to read or tamper with data on a Web site.

The hole, rated "important," affects all versions of the .Net framework when used on Windows Server operating systems, but Windows desktop systems are not vulnerable unless they are being used to run a Web server, according to the advisory.

The vulnerability was disclosed by Microsoft just over a week ago and later found to be used in limited attacks.

The update is available initially only on the Microsoft Download Center … Read more

When it comes to 9/11, there are only two sorts of people. Those who were there and those who weren't.

But the National September 11 Memorial and Museum has created an app that lets those who download it listen to those who were there--and to experience at least some of the enormity of the event.

Unlike many apps, Explore 9/11 doesn't try to make things fun. It simply uses every aspect of app technology to help people understand just what happened and how it might have felt.

The app lets you walk to certain locations near … Read more

PepsiCo subsidiary Frito-Lay announced on Wednesday that it plans to add more than 176 all-electric trucks to its delivery fleet over the next year and a half.

Five all-electric trucks have been deployed for the company's New York routes this month, with plans to implement a total of 21 all-electric trucks by the end of the year that will include the company's Columbus, Ohio- and Fort Worth, Texas-area routes.

Another 155 all-electric trucks will be added to Frito-Lay's U.S. fleet by the end of 2011. The company already has six EVs operating in its Canada fleet.… Read more

With the enormous popularity of Apple's iPhone, more and more people are switching to Mac desktops and laptops to get the full Mac OS X experience. But as the popularity of the platform reaches unprecedented heights, Macs are beginning to be targeted by malicious attacks, often in the form of drive-by Web site attacks. This means that your Mac could download malicious code just by visiting a questionable Web site.

AVG LinkScanner for Mac (exclusive to CNET Downloads today) protects your computer from malicious threats by providing a shield against dangerous Web sites. This free program has no option … Read more

Media Temple, Web hosting provider for Adobe, ABC, Sony, NBC, Time, Volkswagen, and Starbucks, was hit with a sophisticated distributed denial-of-service (DDoS) attack Tuesday.

The outage began about 3:50 p.m. PDT, when Media Temple's domain name servers were deluged by a flood of traffic coming from outside the U.S., and lasted a total of about two-and-a-half hours, according to a tech support representative at the Los Angeles-based company.

"Due to the sophistication of the attack, our normal DDoS firewall prevention techniques didn't block the attack adequately, as the traffic appears to be legitimate," … Read more

Security research firm Matousec has published details of a technique for bypassing some of the protections offered by widely used Windows security software, including programs from McAfee and Trend Micro.

However, the attack has serious limitations, including the requirement that the attacker must already have the ability to execute code on a system, Matousec acknowledged. That means the method would have to be used in combination with another attack vector, or employed by an attacker with local access to a system.

The method, called an argument-switch attack, can be used against Windows security programs that use a technique called System … Read more

A hole in Microsoft's Windows SMB2 (Server Message Block) protocol was the most attacked vulnerability last year, followed by holes in Adobe Reader and Flash Player, Internet Explorer 7, and Windows MPEG2 ActiveX Control, according to a Symantec report to be released on Tuesday.

Of Web-based attacks, suspicious PDF file downloads was the top method, representing nearly half of such attacks, followed by six attacks on IE, one targeting Adobe SWF (Shockwave Flash), and two targeting MPEG2 ActiveX Controls, the Symantec Global Internet Security Threat Report found.

Despite being the most attacked browser, IE had 45 reported vulnerabilities, compared … Read more

We'll admit up front that we never played the original Ant Attack--we were still in diapers when it was first released--so we're not prepared to tell you how 3D Ant Attack stacks up to its predecessor. What we can say is that this arcade-style game, despite its apparent simplicity, is both challenging and exciting.

The object of the game is to rescue a series of people from a 3D city that is swarming with giant ants. Users can defend themselves by jumping--either on the ants, to stun them, or to higher ground--or launching grenades that paralyze or kill … Read more

SAN FRANCISCO--The type of software corporations use to house source code that criminals targeted in the recent attacks on Google and others is generally weak in security protection, McAfee researchers said on Wednesday.

McAfee analyzed a commonly used software for housing intellectual property called Perforce and released its findings during a session at the RSA security conference here. The company helped in the discovery that a hole in Internet Explorer 6 was exploited in at least some of the recent attacks on U.S. firms and named the attacks "Operation Aurora" after the malware used.

Now the security … Read more