If you use Google's GMail or GTalk services, pay special attention to random e-mails or instant messages requesting your login credentials.There is a major spam run underway with a phishing scam using social engineering techniques to snag Google Account usernames and passwords and, according to multiple reports, the attack appears to be very effective.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
After years of lagging behind on important security features, Apple has finally added a malware-blocker, a phishing filter and support for EV (extended validation) certificates into the latest refresh of its Safari Web browser.The malware roadblock headlines a list of Safari 4 security features that also includes cookie blocking, private browsing, secure encryption, safe downloads and parental controls.
In response to in-the-wild zero-day attacks targeting critical flaws in Adobe's Reader/Acrobat products, a respected security researcher is offering up a home-brewed (unofficial) patch for Windows users.The buyer-beware patch -- which is simply a replacement for the vulnerable AcroRd32.
[ UPDATE: Here's the official alert from Adobe with information on the patch. It covers a total of five vulnerabilities and affects Flash Player 10.
Microsoft has confirmed that the code execution vulnerability reported yesterday in Excel is real, and has expanded the list of vulnerable systems.Microsoft has stated that the code execution vulnerability discovered by Symantec, now known by CVE number 2009-0238, is legitimate.
Guest editorial by Mike RothmanDo you remember that classic game show “To Tell the Truth?” It was great and trying to figure out who was the “real” person was always a challenge.
Symantec is reporting that a new remote vulnerability has been discovered in Microsoft Excel 2007, and that this vulnerability is being exploited in the wild.Details are sparse, but it looks like Symantec has discovered a code-execution vulnerability in Excel 2007 and Excel 2007 SP1.
As further proof that no one is immune to making mistakes, two of the algorithms competing to be the next hash standard were found to contain buffer overflows.The government board in charge of nominating standard cryptographic algorithms, NIST, has been holding a competition to choose the next standard hash scheme.
eBay solutions provider Auctiva.com suffered a malware attack during the weekend, resulting in a "this site may harm your computer" badware warning which affected hundreds of thousands of customers and their eBay auctions.
That was fast. Chinese hackers collaborating with the Chinese Hacking Union, a two-years old training community for wannabe hackers, hacked and defaced the official web site of the General Consulate of the Russian Federation in Shanghai, PRC in response to the recent accusations that a Russian navy vessel has sank a Chinese cargo ship.