Security alert at Bute House

Grok Headline matches for Security alert at Bute House

White House Divided Over Terror Alert
(AP)

White House Divided Over Terror Alert
(AP) 05/28/2004 03:18 AM
AP - The FBI and Justice Department insist that warning the public about a possibly devastating terror attack in this country was justified by intelligence and may avert a repeat of the Sept. 11 attacks. But some Bush administration officials and lawmakers aren't so sure.

MEDIA ALERT: Secure Elements Discusses
IT Security for Higher Education at
EDUCAUSE Security Professionals
Conference

MEDIA ALERT: Secure Elements Discusses
IT Security for Higher Education at
EDUCAUSE Security Professionals
Conference 03/31/2005 03:03 AM
Daniel Bezilla, Secure Elements’ chief technology officer, will explore how educational communities can benefit from implementing an Enterprise Vulnerability Management solution. [PRWEB Mar 31, 2005]

Argyll and Bute Council switches to
e-Procurement

Argyll and Bute Council switches to
e-Procurement 05/17/2004 03:00 AM
PublicTechnology.net May 17 2004 7:13AM GMT

PHP Security Alert

PHP Security Alert 06/05/2005 11:38 PM
PHP Advanced Transfer Manager Include File Error Lets Remote Users Execute Arbitrary Commands

Mac Security Alert

Mac Security Alert 05/12/2004 09:43 AM
A UK government organization responsible for gathering information on IT security incidents has issued two security advisories regarding recently identified vulnerabilities in Mac OS X. By Macworld UK (via MyAppleMenu)

Security Alert

Security Alert 09/21/2004 04:41 PM

Yet another Windows security alert

Yet another Windows security alert 03/19/2003 10:25 PM
Microsoft has released Security Bulletin MS03-007, which simply says: An identified security vulnerability in Microsoft® Windows® 2000 could allow an attacker to take control of your computer. This issue is most likely to affect computers used as Web servers. You can help protect your computer from this vulnerability by installing this update from Microsoft. If you're using Windows 2000, make sure you install it.

Security Alert: Another IE6
Vulnerability

Security Alert: Another IE6
Vulnerability 11/25/2002 11:55 AM
A new exploit has been found in IE6 that allows a serious security vulnerability. Although this is not directly related to PHP Freaks, I thought I would take a moment to point this out to our readers.

Security Alert: Voluntary XSS

Security Alert: Voluntary XSS 04/09/2004 05:30 PM

This is a personal security alert against a dangerous yet increasingly popular practice which I call Voluntary XSS.  Voluntary XSS involves a website voluntarily embedding script fragments hosted by another, typically very popular, website.  Here is an example:

Voluntary XSS is dangerous because the practice builds a hub-and-spoke (or star) vulnerability network which exposes all the spoke websites to  weaknesses in the hub website.  Since active contents of 'bar.js' from the hub website in the example above is typically injected into every page served by spoke websites, penetration at the hub website allows hackers to change contents of all pages served by spoke websites instantly by replacing the content of 'bar.js' with their own script.

As to how wide spread the use of Voluntary XSS is, Google uses Voluntary XSS to display ads at Google AdSense sites and Technorati uses Voluntary XSS for blog claiming blogs.  I haven't checked Amazon and Yahoo yet, but I intend to soon.

Since this is a personal security alert, allow me to be more blunt than formal security alerts: This is serious shit folks.  By inserting those HTML fragments into your webpages, you are betting that websites hosting those HTML fragments are and will remain impenetrable.Voluntary XSS makes those key websites very attractive to hackers and I seriously doubt any website can withstand constant onslaughts by smart hackers.

My other posts on this topic:

Cross-Site Scripting Network

APWG Threat Advisory Alert on Visual Spoofing

Feds Alert to Web Security Threat

Feds Alert to Web Security Threat 03/21/2003 05:59 AM
The Department of Homeland Security advises Americans to brace themselves for acts of cyberterror. But computer security experts say Internet users probably aren't much more vulnerable than usual. By Joanna Glasner.

Gates sparks security alert

Gates sparks security alert 07/30/2004 06:26 AM

Security Alert: PHPNuke Strikes Again

Security Alert: PHPNuke Strikes Again 02/04/2003 08:40 AM

Single New Security Alert From Microsoft
For May

Single New Security Alert From Microsoft
For May 05/11/2004 01:44 PM
Windows XP/2003 Help system could execute attack code. In contrast to last month's flood of severe problems, a single "Important" vulnerability in some Windows versions, and re-released of two previous ones.

Community News: PHP Security Alert

Community News: PHP Security Alert 02/13/2004 09:13 AM
In a posting from the fine folks at PHP Magazine:

Community News: Security Alert from
Netcraft

Community News: Security Alert from
Netcraft 06/14/2004 08:06 AM
A security note issued from Netcraft should be noted this week:

Security at on-alert airports can take 5
hours to clear

Security at on-alert airports can take 5
hours to clear 01/08/2004 07:48 PM
Andrew Leonard has an op-ed on Salon today describing the amazingly baroque TSA-inspired "security" procedures in Mexico City last weekend, which created a multiple-day delay for thousands of fliers.

I like to travel. But I'm not looking forward to a future in which I need to get to the airport five hours ahead of departure to be sure I won't miss a flight, one in which I'm patted down from head to toe several times every time I try to board a plane, one in which I am constantly explaining every item in my luggage and every twist in my itinerary to hostile agents. I've had the chance to think about airline security a great deal over the past few days, and I'll tell you this: After being asked by one security guard to drink from a water bottle in my carry-on to prove that it wasn't acid or poison; after being interrogated by a U.S. customs agent who was suspicious at the number of books I had in my luggage; after the long lines, the hand inspections, the X-ray screenings, the near riots by enraged passengers, the uncertainty and the anxiety -- after all that, traveling to a foreign land, or even just across the state of California, doesn't seem quite so exotic or alluring anymore.

Link (Thanks, Kevin!)

Greenspan Sounds Alert on Social
Security (AP)

Greenspan Sounds Alert on Social
Security (AP) 08/28/2004 04:27 AM
AP - For at least the fourth time this year, Federal Reserve Chairman Alan Greenspan has touched the electrified third rail of American politics — Social Security.

BA Cancels 2d Flight Amid Security Alert

BA Cancels 2d Flight Amid Security Alert 01/02/2004 02:28 PM
Reuters via Wired News Jan 2 2004 1:08PM ET

The MS 'friendly' security alert service
- just say d'oh

The MS 'friendly' security alert service
- just say d'oh 03/20/2003 11:55 AM
A

Security alert identifies Oracle holes

Security alert identifies Oracle holes 09/03/2004 06:48 AM
Computer Weekly Sep 3 2004 11:14AM GMT

BA Cancels Second U.S. Flight Amid
Security Alert

BA Cancels Second U.S. Flight Amid
Security Alert 01/02/2004 02:28 PM
Reuters via Wired News Jan 2 2004 1:08PM ET

Greenspan sounds alert on Social
Security

Greenspan sounds alert on Social
Security 08/29/2004 01:41 AM
Seattletimes.nwsource.com - Sun Aug 29, 02:57 am GMT

BA Cancels U.S. Flight Amid Security
Alert

BA Cancels U.S. Flight Amid Security
Alert 01/02/2004 07:22 PM
Reuters via Wired News Jan 2 2004 6:44PM ET

Hoax alert prompts security call

Hoax alert prompts security call 09/05/2004 11:16 AM
Residents of a County Antrim estate call for increased security following a loyalist bomb threat.

Cisco issues wireless Lan security alert

Cisco issues wireless Lan security alert 12/04/2003 09:38 AM
vnunet.com Dec 4 2003 8:48AM ET

Homeland Security Launches Cyber Alert
System

Homeland Security Launches Cyber Alert
System 01/29/2004 02:48 AM

Security Alert: Bagle.X Worm Seeding in
Progress

Security Alert: Bagle.X Worm Seeding in
Progress 04/09/2004 03:58 PM
There is an apparent seeding of a new Bagle worm variant, Bagle.X, currently in progress. While this seeding appears to be progressing at a slow rate, previous versions of the Bagle worms have been seeded in a similar manner and have witnessed great success.

Windows gamers targeted by Microsoft
security alert

Windows gamers targeted by Microsoft
security alert 06/09/2004 07:42 AM
PC Pro Jun 9 2004 12:23PM GMT

BA Cancels London-Riyadh Flight in
Security Alert

BA Cancels London-Riyadh Flight in
Security Alert 01/02/2004 04:59 PM
Reuters via Wired News Jan 2 2004 3:56PM ET

Re: [Fwd: Security Alert; possible
buffer overflow in all Mathopd versions]

Re: [Fwd: Security Alert; possible
buffer overflow in all Mathopd versions] 12/08/2003 02:13 PM
Peter Geissler (Dec 07 2003)

[Fwd: Security Alert; possible buffer
overflow in all Mathopd versions]

[Fwd: Security Alert; possible buffer
overflow in all Mathopd versions] 12/05/2003 01:53 PM
Gregor Lawatscheck (Dec 05 2003)

Security Alert: New Bagle.X Worm Variant
Detected

Security Alert: New Bagle.X Worm Variant
Detected 04/09/2004 03:58 PM
Bagle.X appears to be progressing slowly, but its seeding rate is consistent with previous Bagle versions that have witnessed great success.

Security Alert: Apache/Mod_ssl Worm in
the Wild

Security Alert: Apache/Mod_ssl Worm in
the Wild 09/17/2002 08:04 AM

Microsoft Security Update Alert -
Reminder to Patch

Microsoft Security Update Alert -
Reminder to Patch 05/02/2004 04:33 AM

CNN.com - Cities ramp up security on
terror alert rise - Dec. 22, 2003

CNN.com - Cities ramp up security on
terror alert rise - Dec. 22, 2003 12/22/2003 04:24 AM
U.S. heightens terrorism threat level - Dec. 21, 2003 .. wants to kill you

cnn.com/2003/US/12/21/threat.level/index.html
track this site | 4 links

Security Alert Shuts Down NY's Times
Square (Reuters)

Security Alert Shuts Down NY's Times
Square (Reuters) 03/28/2005 12:37 PM
Reuters - Police cordoned off Times Square in New York on Monday, closing off one of the busiest streets in the city after a report of a suspicious package, a police spokesman said.

Microsoft security trouble: early alert
for exclusive group only

Microsoft security trouble: early alert
for exclusive group only 09/17/2004 01:00 AM
Straits Times Sep 17 2004 5:41AM GMT

RE: US-CERT Technical Cyber Security
Alert TA04-111A -- Vulnerabilities in
TCP

RE: US-CERT Technical Cyber Security
Alert TA04-111A -- Vulnerabilities in
TCP 04/26/2004 01:18 PM
soby_at_hushmail.com (Apr 24 2004)

Internet alert Microsoft's browser
dominance at risk with warning of
security holes

Internet alert Microsoft's browser
dominance at risk with warning of
security holes 07/05/2004 02:39 AM
Independent Jul 5 2004 6:40AM GMT
Grok Description matches for Security alert at Bute House
GrokA matches for Security alert at Bute House

Security alert at Bute House

The following phrases have been identified by the grok system as matching this entry: