According to published reports, Nokia and Sun have both confirmed the existence of serious security problems in the Series 40 and Java Platform Micro Edition (Java ME) , giving instant credibility to the claims by Polish hacker Adam Gowdiak.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
In addition to this long list of missing Microsoft patches, there are at least three serious (unpatched) vulnerabilities in the Microsoft Office productivity suite.On August 12, the same day Microsoft released a slew of Office patches, TippingPoint's DV Labs published a bare-bones advisory warning about a new high-risk Office flaw that allows code execution attacks.
The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available.The code, posted to Milw0rm.
Someone's been chatting a lot during the weekend, but picking up FEMA's PBX network as their main carrier might not have been the smartest thing to do. Over 400 calls, lasting from three up to ten minutes were placed through their network, a breach made possible due to an insecurely configured Private Branch Exchange system :"A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.
Guest editorial by Emma McGrattanIn the current economic climate, businesses of every size are looking to reduce their spending wherever possible. Open source software, which has no upfront licensing fees, is one way of achieving significant savings.
Opera Software has shipped a new version of its flagship Web browser with fixes for at least seven documented security problems but details on one vulnerability -- a cross-site scripting issue reported by Chris Weber-- is being kept under wraps.Opera warned that one of the seven flaws is rated "extremely severe" because of the risk of arbitrary code execution.
Adobe's product security incident response team (PSIRT) says it is investigating possible solutions to the clipboard hijack attacks spotted on Flash-based advertisements on high-profile Web sites.A barebones note on the PSIRT blog simply acknowledges the issue and promised more information after the investigation but, by mentioning "possible solutions," it is clear that that Adobe is looking for ways to mitigate the threat.
Credit card giant Visa is teaming up with with eight North American banks to deliver fraud alerts in real-time via SMS (text messages) and e-mails to cell phones.The pilot program will allow about 2,000 Visa cardholders to set thresholds that will trigger an immediate transaction alert to a mobile device.
A recently launched unethical spam list building service called SpamZa, is fighting to remain online after providing highly successful (87 spam emails in 8 minutes) into fulfilling its objective, namely, to sign up any email submitted to hundreds of newsletters anonymously.What is SpamZa anyway?
The U.K's Dedicated Cheque and Plastic Crime Unit (DCPU) have recently uncovered state of the art social engineering scheme, where once backdoored, chip and PIN terminals were installed at retailers and petrol stations in an attempt to steal the credit card details passing through.