Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

IE zero-day attack surface expands

The attack surface for password-stealing Trojans currently targeting an unpatched flaw in Microsoft's Internet Explorer has expanded to include all versions of the browser, including the newest IE 8 Beta 2.Microsoft released an updated advisory to warn that the underlying flaw affects much more than IE 7 and to spread the word about additional workarounds that can help limit the damage from actual attacks.

December 12, 2008 by Ryan Naraine


US-CERT: Beware of airline ticket e-mail scam

The United States Computer Emergency Readiness Team (US-CERT) has issued an alert for an e-mail scam targeting holiday travelers, warning that malware authors are using clever social engineering tactics to hijack Windows computers.In the e-mail scam, users get a .

December 12, 2008 by Ryan Naraine

21 Comments 1 Vote

IE7 XML parsing zero day exploited in the wild

A couple of hours ago, two working proof of concept exploits for MS Internet Explorer XML Parsing Remote Buffer Overflow were posted at Milw0rm, with international hacking communities quickly catching up and starting to use it. The second PoC also works on Vista, in particular both exploits were tested on Vista SP1, Explorer 7.

December 10, 2008 by Dancho Danchev


Window Snyder leaves Mozilla

Mozilla security chief Window Snyder is leaving the open-source group.Snyder, who joined Mozilla after stints at Microsoft and Matasano Security, announced her exit on the Mozilla security blog today.

December 10, 2008 by Ryan Naraine


Gmail, Yahoo and Hotmail systematically abused by spammers

With the industry's eyes constantly monitoring the usual suspects' use of phony hosting providers, another market segment within the underground marketplace has been developing beneath the radar, aiming to build a malicious infrastructure (Spammers targeting Bebo, generate thousands of bogus accounts; Malware and spam attacks exploiting Picasa and ImageShack) through efficient CAPTCHA recognition.

December 10, 2008 by Dancho Danchev

78 Comments 1 Vote

Vint Cerf's Twitter account hacked, suspended for spam

(UPDATE: Cerf denies that this was his Twitter profile) It appears that Vint Cerf, the father of Internet who needs no introduction, has had his Twitter account compromised, with a multitude of spam messages posted on his behalf during the last 24 hours, all of which are redirecting to auction search sites (baysearch .net and soldly .

December 9, 2008 by Dancho Danchev


MS Patch Tuesday whopper: 28 vulnerabilities in Windows, IE, Office

Microsoft today dropped a monster Patch Tuesday release with fixes for at least 28 vulnerabilities affecting Windows, Office, Internet Explorer, Visual Basic Active Controls and Windows Media Player.Of the 28 flaws, 23 carry a "critical" rating, meaning they could be used to launch remote code execution attacks with minimal user action.

December 9, 2008 by Ryan Naraine


Hackers exploiting (unpatched) IE 7 flaw to launch drive-by attacks

Malicious hackers are exploiting a zero-day flaw in Microsoft's Internet Explorer browser to launch a new wave of drive-by downloads, according to a warning from security researchers.The Web attacks, first reported by Bob McMillan, takes aim at users running IE 7 on Windows XP SP2 and includes the use of a Trojan downloader that commandeers Windows machines for nefarious purposes.

December 9, 2008 by Ryan Naraine