One morning when checking my emails, one subject line really drew my attention: “Air France Flight 447 (crash pictures)”. The email claimed that images on the camera memory stick of a passenger on the crashed plane had been successfully reconstructed and could now be viewed in the attached PowerPoint presentation. When someone is trying that hard, my alarms go off.

Source: The H Security

Google has released version 5.0.375.99 of Chrome, a security update that addresses four “high” risk vulnerabilities in its WebKit-based browser, and a new Dev channel release that on Windows systems enables the new consolidated menu by default.

Source: The H Security

Despite the recent update, the protection against Adobe PDF /launch attacks is incomplete. By enclosing the commands they embed in PDF documents in double quotation marks, attackers can bypass the protection

Source: The H Security

Last year Microsoft caused annoyance with a furtively installed Firefox add-on. With the update for its Search Enhancement Pack the vendor has now slipped unaware Firefox users another add-on

Source: The H Security

Attackers have embedded an exploit for the recent vulnerability in Flash Player in tens of thousands of web sites. The hacked web servers are Microsoft Internet Information Server and ASP.NET-based

Source: The H Security

Facebook has, for weeks, been plagued by a security flaw which, so far, it has been unable to fix and more and more exploits are coming into circulation. The latest of them promises the 101 hottest women in the world and displays an image of Jessica Alba

Source: The H Security

In recent years we have become used to selling our soul for access to useful online services, usually in the form of intimate data. The new Firefox synchronisation platform from Mozilla however, will ensure that the server operators have no access to my data. Source: The H Security

Personally I think it’s great that somebody takes steps against collecting more information.

Browser history stealing techniques have now been refined to the extent that web sites can find out what articles a user has recently read on news sites, their exact postcode and which search terms they have entered into search engines

Source: The H Security

According to a Google security blog post by developer Michal Zalewski, Google’s new, free Skipfish scanner is designed to be fast and easy to use while incorporating the latest in cutting-edge security logic. Felix ‘FX’ Lindner examines Skipfish to see how well it compares to other tools used to check web site integrity.

More about Skipfish on Google’s Online Security Blog

Source: The H Security