Kenshoto has officially released their call-for-ninjas regading Defcon 16’s Capture The Flag (CTF) competition.

When questioned about this shocking revelation, Dr. Shoto responded palm-to-forehead, “What you say?!” He further elaborated, “The recent challenges with cyber-infrastructure and the threat of cyber-attack from cyber-terrorists plotting devious cyber-crimes has been troublesome. So let’s all get together and cyber-bitchslap each [...]

In what may turn out to be an important development for interoperability between Internet services, online giant Yahoo! has announced it plans to support OpenID 2.0, a standard designed to enable single-login access to Internet services—even if they’re operated by different companies. Yahoo! plans to introduce beta support for OpenID 2.0 beginning on January 30 [...]

For those researchers out there that thought the Zero Day Initiative was not offering enough money for your zero day exploit, rejoice. WabiSabiLabi, a swiss based company, is offering an auction site for new unreported vulnerabilities. According to the companies home page:
WabiSabiLabi is aiming to a single moving target: to bring the world closer to [...]

We’re not sure if this is directly related to the Ajax exploit we posted about, but interesting to see the point proven that security shouldn’t be forgotten in the name of “Web 2.0”
Apparently it was a simple as them not validating any input on their posts/comments as reported here. This is a similar [...]

According to Fortify Software, 11 out of 12 of the most popular Ajax/JS frameworks are vulnerable to javascript hijacking. So apparently every shiney web 2.0 app out there is ripe for the picking!
“Fortify said that the “pervasive and critical vulnerability” is present in 11 of the 12 most popular AJAX frameworks, and therefore [...]

Michael Kemp has discovered a denial of service issue in the BlackBerry Browser. An BlackBerry device running OS version 4.2 or earlier would be affected as RIM has released a patched version 4.2.1 which fixes this issue.
Here is how the vulnerability works:

Construct a WML page that contains an overly long string value within a link [...]

Shortly after reports of the first virus for Mac OS X, a new security flaw has surfaced. The culprit is the option “Open ’safe’ files after downloading” in Apple’s Safari web browser. This feature is activated by default. Its function is to automatically display images and movies after they are transmitted to the user’s computer, [...]