This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Podcast News
OWASP Podcast News
OWASP NEWS 2010
OWASP Podcast Roundtable
Next Recording : February 16, 2010
US Cybersecurity Bill
http://www.theregister.co.uk/2010/02/04/house_cybersecurity_bill/
The US House of Representatives has overwhelmingly passed a bill that would direct almost $400m toward research designed to shore up the nation's cybersecurity defenses.
The Cybersecurity Enhancement Act would authorize $108.7m over five years to establish a cybersecurity scholarship program. In return, students would serve in federal government posts upon graduation.
Microsoft's 1999 "Secure Windows Initiative"
Proof that Microsoft's 1999 "Secure Windows Initiative" and 2002 "Trustworthy Computing" have provided immutably secure software:
New IE zero-day : IE Flaw Allows File Access
(February 3 & 4, 2010)
Microsoft has issued a security advisory warning of a vulnerability in Internet Explorer (IE) that affects users running Windows XP or who have disabled IE Protected Mode. The vulnerability essentially turns vulnerable computers into "public file server[s];" attackers can exploit the flaw to access files with known filenames and locations if they trick users into visiting specially-crafted websites. The vulnerability is the result of incorrectly rendering local files in the browser. It affects IE 5.01 and IE 6 on Windows 2000; IE 6 on Windows 2000 SP 4; and IE 6, 7 & 8 on Windows XP and Windows Server 2003. http://www.microsoft.com/technet/security/advisory/980088.mspx http://www.theregister.co.uk/2010/02/04/ms_browser_bug/ http://www.computerworld.com/s/article/9151838/IE_flaw_gives_hackers_access_to_user_files_Microsoft_says?taxonomyId=17
Google to Drop IE 6 Support
(February 3, 2010) Google has announced that as of March 1, 2010, its applications will no longer support Internet Explorer 6 (IE 6). Although Google did not say so directly, the decision may have been influenced by recently disclosed attacks against Google and other US companies that exploited a vulnerability in IE 6. The attacks prompted public warnings in Germany, France and Australia against using IE 6. http://www.msnbc.msn.com/id/35219388/ns/technology_and_science-security/