Guest post by Chris EngIn the wake of this morning's 25C3 presentation by Alex Sotirov and Jacob Appelbaum, most of the coverage I've read so far has focused on the technical details and real-world impact of their findings. Rightly so -- their paper describing the attack is a fascinating read filled with enough gory details to make any security practitioner salivate.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S.
Microsoft is pouring cold water on public reports of a serious code execution vulnerability in the newest versions of its Windows Media Player software.Following the release of proof-of-concept code alongside a claim that the bug can be remotely exploitable to launch arbitrary code, a Microsoft spokesman insists this "is not a product vulnerability.
Amazon has warned its customers that one of Samsung's digital picture frames shipped to customers infected with a virus. While Samsung has some egg on its face, malware that ships on consumer hardware is not as serious of an issue as it may seem.
Microsoft late Monday issued a pre-patch advisory confirming a remote code execution vulnerability affecting its SQL Server line.The vulnerability, publicly disclosed with exploit code more than two weeks ago, affects Microsoft SQL Server 2000, Microsoft SQL Server 2005, Microsoft SQL Server 2005 Express Edition, Microsoft SQL Server 2000 Desktop Engine (MSDE 2000), Microsoft SQL Server 2000 Desktop Engine (WMSDE), and Windows Internal Database (WYukon).
In a brilliant physical-world example of what happens when too much value is placed upon open identification systems for determining reputation, a group of high school students are setting off speeding enforcement cameras using fake license plates belonging to their enemies.According to an article in the D.
Hackers are using a combination of DNS redirection, software vulnerabilities and the open-source Apache Web server to exploit holes in Sony's new PlayStation Home virtual world, according to a Telegraph report.The hack is allowing developers to customize their PlayStation Home experience beyond the options provided by Sony but there's a worrysome component to this platform weakness...
Once again confirming the trend of having more legitimate sites serving exploits and malware than purely malicious ones, Chinese hackers have been keeping themselves busy during the last couple of days, launching massive SQL injection attacks affecting over 100,000 web sites.
Guest post by Eric SchultzeMicrosoft's latest Internet Explorer out-of-band patch release needs to be installed right away. The number of infected websites is growing at an alarming rate -- even people visiting legitimate websites are getting hacked with this exploit.
There isn't much to report just yet, but Microsoft has posted a patch for the widely exploited IE7 vulnerability. After applying the patch, you should feel free to carry on with your previous activities.