Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

A roadmap for the Twitter CSO

The folks at Twitter had to deal with an attack from both phishers and hackers over the past few days. As someone who has been in their shoes many times before, I deeply sympathize with their team and I understand the amount of work that they need to do.

January 7, 2009 by Adam O'Donnell

2 Comments

Bogus LinkedIn profiles serving malware

A currently active malware campaign is taking advantage of bogus LinkedIn profiles impersonating celebrities in an attempt to trick users into clicking on links serving bogus media players. LinkedIn is among the latest social networking services considered as a valuable asset in the arsenal of the blackhat SEO knowledgeable cybecriminal, simply because this approach works.

January 6, 2009 by Dancho Danchev

10 Comments

Thousands of Israeli web sites under attack

In the wake of the escalating conflict between Israel and Hamas, it didn't take long before pro-Hamas supporters organized themselves and started to defacing thousands of pro-Israeli web sites in order to use them as vehicles for propaganda -- Israel is meanwhile hijacking TV signals.

January 6, 2009 by Dancho Danchev

30 Comments

Twitter phishing... inside Twitter

Over the weekend I received a handful of reports of individuals using Direct Messages inside of Twitter to phish for Twitter accounts and passwords.A cluster of compromised Twitter accounts are sending out person-to-person phishing messages inside the Twitter network.

January 4, 2009 by Adam O'Donnell

6 Comments

Real plugs critical holes in Helix Server

RealNetworks has shipped a new version of its Helix Server to plug at least four vulnerabilities that introduce code execution and denial-of-service risks.The flaws affect Helix Server Version 11.

January 2, 2009 by Ryan Naraine

1 Comment

Adobe Flash, Apple Safari fail privacy test

Third party plug-ins like Adobe Flash do a poor job of cleaning traces of your browser sessions, rendering private-browsing features somewhat useless, according to a new study by researcher Katherine McKinley.McKinley, a researcher at iSec Partners, created a tool for testing the functionality of clearing private data after a browser session and browsing in private mode and found that some browsers -- most notably Apple's Safari for Windows -- do a poor job of wiping traces of a browser session.

January 2, 2009 by Ryan Naraine

16 Comments

Military contractor "cyber-defense" gold rush begins

Sensing a shift in upcoming defense priorities, Lockheed and Boeing are both launching information security product divisions.Bloomberg is reporting that both Lockheed Martin and Boeing are building security product groups to address the military's needs in defending cyberspace.

January 2, 2009 by Adam O'Donnell

9 Comments

MD5/rogue CA attack: The sky is not falling

Guest post by John Viega Today there’s been a lot of buzz about the clever new attack on public key infrastructure from Alex Sotirov and a team of researchers.   In the attack, the bad guy ends up with his own Certification Authority (CA) that is fully trusted according to every major browser.

December 30, 2008 by Ryan Naraine

13 Comments

An easy fix ignored

Guest post by Chris EngIn the wake of this morning's 25C3 presentation by Alex Sotirov and Jacob Appelbaum, most of the coverage I've read so far has focused on the technical details and real-world impact of their findings. Rightly so -- their paper describing the attack is a fascinating read filled with enough gory details to make any security practitioner salivate.

December 30, 2008 by Ryan Naraine

8 Comments