Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

uTorrent silently patches critical vulnerability

If uTorrent is the client you use to download files, now might be a good time to hit that "check for updates" button.According to security alerts aggregator Secunia, there's a "highly critical" uTorrent vulnerability that could allow remote code execution attacks with rigged .

August 18, 2008 by Ryan Naraine

3 Comments

Adobe Flash ads launching clipboard hijack attack

Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks.In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine's clipboard and using a hard-to-delete URL that points to a fake anti-virus program.

August 18, 2008 by Ryan Naraine

60 Comments

From Metasploit to Microsoft: Skape goes to Redmond

Metasploit developer Matt Miller, who for years frustrated Microsoft officials with the public release of Windows exploits, is heading to Redmond to join Microsoft's Security Science team.Miller, who uses the hacker moniker Skape,will work on improved ways to find security vulnerabilities and better software defenses through mitigations, according to an announcement by SDL guru Michael Howard.

August 18, 2008 by Ryan Naraine

1 Comment

Fedora infrastructure breach?

Has there been a security breach in Red Hat Fedora's infrastucture systems?According to a cryptic announcement posted to the Fedora-Announce mailing list, the open-source group is investigating an unspecified "issue in the infrastructure systems" that has resulted in widespread service outages.

August 18, 2008 by Ryan Naraine

10 Comments

1.5m spam emails sent from compromised University accounts

With the increasingly common spamming as a service underground propositions relying on botnets, and services offering thousands of pre-registered accounts at popular email providers, it would be logical to consider that old school techniques consisting of compromising accounts and abusing them to send as many spam emails as possible in the shortest time frame achievable, have long disappeared from the arsenal of the spammer. However, there are always "amateur exceptions" proving otherwise.

August 15, 2008 by Dancho Danchev

11 Comments

Microsoft investigating NSlookup.exe flaw, reported attacks

Microsoft is investigating new public reports of a zero-day Windows vulnerability that's being exploited in the wild.According to a this SecurityFocus alert, the attacks are exploiting a remote code-execution vulnerability due to an unspecified error in NSlookup.

August 15, 2008 by Ryan Naraine

19 Comments

OpenVAS emerges as free alternative to Nessus

A new open-source project called OpenVAS has emerged to take the place of Nessus, the popular vulnerability assessment system that closed its source a few years ago.The first stable version of OpenVAS, which is a fork of Nessus 2.

August 15, 2008 by Ryan Naraine

1 Comment

Where on earth are these Microsoft patches?

Lost in the shuffle of this month's Patch Tuesday barrage is the fact that a critical vulnerability in the ever-present Windows Media Player (WMP) was not fixed "because of a last minute quality issue."Microsoft originally listed the WMP update in the advance notice for August but, when the patches dropped on Tuesday, it had slipped because of patch-quality concerns.

August 14, 2008 by Ryan Naraine

76 Comments