Sunday, February 27, 2005

Firefox foils phishing flaw

Join ITtoolbox Security Alerts

Your daily insight into Security. Privacy More Alerts
security-daily-briefing security-jobs security-whitepapers
Firefox foils phishing flaw

VNUNet.com
By Steve Ranger
Friday, February 25, 2005


Security News Home


Click here to find out more!

All Firefox users are being encouraged to download a security update for the popular open source browser.

The update includes several fixes to guard against spoofing and arbitrary code execution, and improves stability, said The Mozilla Foundation.

The Firefox security update - Firefox 1.0.1 - is available for the 25 million users who have already downloaded the free browser.

The Mozilla Foundation said that it "encourages all users to download the update", which is available here.

"Regular security updates are essential for maintaining a safe browsing experience for our users," said Chris Hofmann, director of engineering at Mozilla.

"The Mozilla Foundation has developed a community of users and developers who continuously provide feedback on Mozilla software, and as a result of that constant vigilance we are able to provide quick and effective responses to security vulnerabilities."

Mozilla said that it evaluates security issues on an ongoing basis and will issue security updates "as warranted". More information is available in the release notes here.

To see more of VNUNet go to http://www.vnunet.com


Copyright © 2004 VNU Business Online Limited (UK) [All rights reserved]

NY teen charged over IM spam attack

By John Leyden, The Register Feb 22 2005 10:42AM
Click here for Core Impact!

A New York teenager has become the first American to be arrested for sending spam messages across IM networks. Anthony Greco, 18, of Cheektowaga, New York, was charged with violations of the CAN-SPAM Act after allegedly sending 1.5m messages punting mortgage refinancing and adult pornography to MySpace.com users in October and November 2004. According to a criminal complaint, Greco created thousands of fraudulent instant messaging accounts on MySpace.com to bombard its users with junk IM messages. Greco allegedly threatened additional attacks unless MySpace.com, an online community site popular with teenagers, hired him as a consultant. He travelled to Los Angeles last week hoping to granted "exclusive" rights to send commercial e-mail to users of the MySpace.com only to be arrested by officers from the US Secret Service and the Los Angeles Police Department after he stepped off the plane.