In an interesting twist on browser-based security issues, security researchers said they have found a flaw in which Microsoft's Internet Explorer can cause Mozilla's Firefox to execute remote malicious code. Security firm Secunia released an advisory Tuesday, ranking the flaw as highly critical. The vulnerability is confirmed on Firefox 2.0.0.4 on a fully-patched version of Windows XP SP2.

A few months after launching this blog I asked why there was no open source security.
Now there is. Untangle has released its network gateway under GPVv2. CEO (and blogger) Bob Walters compares his product to SONICwall and Watchguard, saying “we’ll sell services and premium products on top of it.”

"Have you ever wanted to spy see on what is going on in your home while you are away? Motion is a piece of open source software that acts as a motion detector."

We're going to demonstrate how to quickly install and run the open source IDS sensor Snort on Red Hat Enterprise Linux 5 (RHEL 5). The instructions below will also generally work for RHEL 4, CentOS 4 and 5, as well as Fedora Core 5 and 6.

Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents.

Red Hat Enterprise Linux 5 running on IBM servers now meets government security standards allowing Linux to be used in homeland security projects and command-and-control operations.

The logic behind this vulnerability is quite simple and the vulnerability class has been known and understood for years, namely that of protocol handler command injection. A browser typically consists of a multitude of different URL schemes, some of which are handled by internal functions and others that are handed off to external applications