Many years back, I moved over into Java world and when I was asked to implement my very first security implementation, I realized that there was no easy way to do this and many clients would actually want us to use LDAP for authentication and authorization. For many years, I continued to use that. And, then one day in a discussion with a client, we were asked to provide SSO implementation and client did not have an existing setup like SiteMinder. I started to think about if we can go about using NTML based authentication. The reason that was possible was because the application we were asked to build was to be used within the organization itself and all the people were required to login into a domain.
The 2009 CWE/SANS Top 25 Most Dangerous Programming Errors is a list of the most significant programming errors that can lead to serious software vulnerabilities. They occur frequently, are often easy to find, and easy to exploit. They are dangerous because they will frequently allow attackers to completely take over the software, steal data, or
Just after hours of Firefox 3.0 release, a “Code Execution Vulnerability was found” in Firefox 3.0. Read more.
Flex 3 has a potential cross-site scripting vulnerability for Adobe released a bulletin. It is recommended for all the users who are using HistoryManagement to apply this patch.
Malware hunters have spotted a previously unknown — and unpatched — Adobe Flash vulnerability being exploited in the wild…. read full story. Adobe in response has issued an almost definitive statement suggesting that the reported vulnerability has already been patched.