[Owasp-ireland] Application Security News: 4th April 2011

Mon Apr 4 09:59:41 EDT 2011

*********************************************************
Application Security News           April 4th, 2011
*********************************************************
RSA HACK EXPLAINED: PHISHING AND FLASH FLAW

The recent RSA data breach was caused by an employee opening an attachment 
in a phishing e-mail which took advantage of an Adobe Flash vulnerability.

More on this story: http://blogs.rsa.com/rivner/anatomy-of-an-attack/

FIREFOX 'DO NOT TRACK' HEADER IS GETTING ATTENTION

Mozilla proposed the header with a January blog post, hoping to give 
netizens the option of shielding themselves from ad networks that attempt 
to track their web behavior, and the idea was soon rolled into Firefox.

More on this story: 
http://www.theregister.co.uk/2011/04/01/ap_adopts_firefox_do_not_track_header/

IMPROVING SSL CERTIFICATE SECURITY

In the wake of the recent Comodo fraud incident, there has been a great 
deal of speculation about how to improve the public key infrastructure, on 
which the security of the Internet rests.

More on this story: 
http://googleonlinesecurity.blogspot.com/2011/04/improving-ssl-certificate-security.html

Fabio Cerullo
OWASP Ireland

This document is strictly confidential and is intended for use by the addressee unless otherwise indicated. Allied Irish Banks, 
AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Central Bank of Ireland.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173.
~~~~~~~Please consider the environment before printing this Email~~~~~~~~
This email has been scanned by an external Email Security System.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20110404/ebe2fe2a/attachment.html 