A recently conducted experiment by F-Secure estimates that approximately 3.5 million hosts have been infected with W32/Conficker.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
A Russian malware author with involvement in the Zlob malware family, one of the most prolific malware families in 2008 thanks to its successful mimicking of video codecs, has left a message for the Windows Defender team inside a sample analyzed by French researchers. The message is a follow-up to a previous note left in October, and is basically greeting Microsoft in respect to their improving detection rates for this malware family.
Hackers can use booby-trapped PDF attachments sent to BlackBerry devices to launch malicious code execution attacks, according to warnings issued by Research in Motion (RIM).The company shipped patches this week to address a pair of critical vulnerabilities affecting its enterprise product line.
The official web site of Paris Hilton (parishilton.com) has been embedded with a malicious iFrame, automatically exposing visitors to client-side vulnerabilities and banker malware, according to researchers from ScanSafe.
One of the last stand-alone host-based intrusion detection product vendors has been picked up by an anti-virus firm.The Redwood City-based HIPS vendor Sana Security has been acquired by the popular AV vendor AVG for an undisclosed sum.
There's a major privacy problem with the RSS reader built into Apple's Safari browser.According to an alert from Brian Mastenbrook, there is a serious Safari vulnerability that allows a malicious web site to read files on a user's hard drive without user intervention.
Oracle has dropped the first quarterly critical patch update for 2009 -- with patches for 41 vulnerabilities in a wide range of database server products.The January 2009 CPU includes 20 new security fixes for the company's flagship database product lines, 4 new security fixes for the Oracle Application Server, 9 vulnerabilities in Oracle Secure Backup, 4 new security fixes for the Oracle Applications Suite, and 6 new security fixes for the PeopleSoft and JDEdwards Suite.
The SANS institute has produced a list of the top 25 classes of programming flaws. The list won't make the flaws go away, but it does provide software purchasers with a powerful tool for whacking irresponsible software vendors.
Microsoft today shipped a solitary bulletin with patches for at least three documented security flaws in the Microsoft Server Message Block (SMB) Protocol.The three vulnerabilities, rated "critical" on Windows 2000, Windows XP and Windows Server 2003, exposes Windows users to remote code execution attacks, Microsoft said in its MS09-001 bulletin.
The Microsoft report on the profitability of phishing and its associated economic constraints is reminiscent of another illegal enterprise: street-level drug dealing.Microsoft released a report stating that phishing is no where near as profitable as commonly believed.