How safe are we Online?
▐ Criminals hijack 10,000 web pages
March 13, 2008
► Web User
Many of us use passwords that are easy to guess Security firm McAfee is warning that even the websites you trust can pose a risk to your online safety. It has discovered that 10,000 legitimate 
web pages have been rigged by cyber-criminals to take control of a visitor's PC and search for stored passwords. The password-stealing program attack was launched from servers based in China and McAfee warned surfers to be very careful about which sites they visit.
"Often you hear warnings about not going to un-trusted sites. That is good advice, but it is not enough," said Craig Schmugar, threat researcher at McAfee Avert Labs.
"Even sites you know can become compromised. You went to a place before that you trust, but that trust was violated through a vulnerability that was exploited," he continued. Many popular websites such as travel sites and even government web pages have been compromised. According to McAfee, a similar attack took place last year, focusing on websites related to the SuperBowl. ◘
▐ Flaws found in Safari browser
March 25, 2008
► Web User
Safari, An Argentinian security researcher has discovered two flaws in Apple's Safari for Windows browser. Juan Pablo Lopez Yacubian said the vulnerabilities could allow hackers to remotely take control of a victim's computer.He described the most serious flaw as a vulnerability in the Safari browser for Windows 3.1 which allows a hacker to “falsify the web address and enter another page or content".This essentially means that even though you see a trusted URL in the browser address bar, the web page could be displaying unauthorized content that could put your PC at risk.
Security firm Secunia has given the flaws a 'highly critical' rating, the second highest rating on its scale. The other flaw, said Secunia, is an error that occurs when downloading files with an overly long filename, which can be exploited to cause a memory corruption which could in turn allow a hacker to take control of the PC. The problems are currently unpatched and Apple would not comment on the matter when approached by Web User.The discovery follows criticism from Mozilla, developers of the Firefox browser, over the inclusion of the Safari browser in a software update issued by Apple to people who use iTunes on Windows-based PCs.
John Lilly, chief executive of Mozilla, said that it was "wrong" to push the browser on people who were simply trying to update iTunes.
"It undermines the trust relationship great companies have with their customers, and that's bad - not just for Apple, but for the security of the whole web," he wrote on his blog. Safari version 3.1 was released by Apple last week.◘
