Microsoft is planning to ship an emergency Internet Explorer update tomorrow (December 17) to counter an escalating wave of malware attacks targeting a zero-day browser vulnerability.[ SEE: Hackers exploiting (unpatched) IE 7 flaw to launch drive-by attacks ]The out-of-band update, which will be rated critical, follows the public discovery of password-stealing Trojans exploiting the bug on Chinese-language Web sites.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Malware hunters at Websense Security Labs have discovered legitimate Google sponsored links being used to plant scareware programs (rogue anti-virus applications) on the computers of Windows users.In a blow-by-blow description of the rogueware attack, Websense researcher Elad Sharf shows how an innocent Google search for the Winrar file archiver and data compression utility can lead to a fake C|Net downloads.
Opera has released version 9.63 of its browser as a "recommended security upgrade" that fixes at least seven security vulnerabilities, some with serious risk implications.
I was traveling the eastern seaboard all of last week, visiting family, friends, and old work colleagues in Philadelphia, New York, and Boston, so I didn't have much opportunity to provide feedback to what had become the most heavily discussed blog post I have yet generated.Two weeks ago, people got all hot and bothered because Apple appeared to have posted and retracted a recommendation that people run anti-virus software on their Mac.
Microsoft has reported sightings of exploitation of the recent vulnerability in IE7 on various porn sites. This isn't really bad news, since no one looks at such improper things on the Internet, right?
Apple has released a peck of patches to cover at least 21 documented security vulnerabilities affecting Mac OS X users.With its eighth security update for 2008, the company shipped fixes for flaws that could lead to remote code execution and denial-of-service attacks .
That nifty password management feature in your favorite Web browser could be helping identity thieves pilfer your personal data.That's the biggest takeaway from the results of this test which shows that all the major Web browsers -- including IE, Firefox, Opera, Safari and Chrome -- are vulnerable to a total of 20 vulnerabilities that could expose password-related information.
Project XSSed, the clearing house for cross site scripting flaws has just released details on four flaws affecting Facebook's developers page, iPhone login page and the new users registration page, potentially assisting malicious attackers into adding more legitimacy to their campaigns.
Mozilla's flagship Firefox browser has earned the dubious title of the most vulnerable software program running on the Windows platform.According to application whitelisting vendor Bit9, Firefox topped the list of 12 widely deployed desktop applications that suffered through critical security vulnerabilities in 2008.
A reporter picked up a used BlackBerry in the massive liquidation of the McCain campaign holdings. It turns out that someone forgot to wipe the contents of the Blackberry's memory.