Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Nokia and Sun confirm S40, Java ME vulnerabilities

According to published reports, Nokia and Sun have both confirmed the existence of serious security problems in the Series 40 and Java Platform Micro Edition (Java ME) , giving instant credibility to the claims by Polish hacker Adam Gowdiak.

August 21, 2008 by Ryan Naraine

1 Comment

More security holes appear in Microsoft Office

In addition to this long list of missing Microsoft patches, there are at least three serious (unpatched) vulnerabilities in the Microsoft Office productivity suite.On August 12, the same day Microsoft released a slew of Office patches, TippingPoint's DV Labs published a bare-bones advisory warning about a new high-risk Office flaw that allows code execution attacks.

August 21, 2008 by Ryan Naraine

18 Comments

Exploit code published for Apache Tomcat flaw

The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available.The code, posted to Milw0rm.

August 21, 2008 by Ryan Naraine

12 Comments

FEMA's PBX network hacked, over 400 calls made to the Middle East

Someone's been chatting a lot during the weekend, but picking up FEMA's PBX network as their main carrier might not have been the smartest thing to do. Over 400 calls, lasting from three up to ten minutes were placed through their network, a breach made possible due to an insecurely configured Private Branch Exchange system :"A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.

August 20, 2008 by Dancho Danchev

Comments

Open source and the 'fear factor' mentality

Guest editorial by Emma McGrattanIn the current economic climate, businesses of every size are looking to reduce their spending wherever possible. Open source software, which has no upfront licensing fees, is one way of achieving significant savings.

August 20, 2008 by Ryan Naraine

58 Comments

Opera patches 7 vulnerabilities but keeps one a secret

Opera Software has shipped a new version of its flagship Web browser with fixes for at least seven documented security problems but details on one vulnerability -- a cross-site scripting issue reported by Chris Weber-- is being kept under wraps.Opera warned that one of the seven flaws is rated "extremely severe" because of the risk of arbitrary code execution.

August 20, 2008 by Ryan Naraine

Comments

Can Adobe mitigate 'clipboard hijack' issue?

Adobe's product security incident response team (PSIRT) says it is investigating possible solutions to the clipboard hijack attacks spotted on Flash-based advertisements on high-profile Web sites.A barebones note on the PSIRT blog simply acknowledges the issue and promised more information after the investigation but, by mentioning "possible solutions," it is clear that that Adobe is looking for ways to mitigate the threat.

August 20, 2008 by Ryan Naraine

10 Comments

Visa, banks to test real-time fraud alerts

Credit card giant Visa is teaming up with with eight North American banks to deliver fraud alerts in real-time via SMS (text messages) and e-mails to cell phones.The pilot program will allow about 2,000 Visa cardholders to set thresholds that will trigger an immediate transaction alert to a mobile device.

August 20, 2008 by Ryan Naraine

6 Comments

SpamZa - opt in spamming service fighting to remain online

A recently launched unethical spam list building service called SpamZa, is fighting to remain online after providing highly successful (87 spam emails in 8 minutes) into fulfilling its objective, namely, to sign up any email submitted to hundreds of newsletters anonymously.What is SpamZa anyway?

August 19, 2008 by Dancho Danchev

4 Comments

Scammers caught backdooring chip and PIN terminals

The U.K's Dedicated Cheque and Plastic Crime Unit (DCPU) have recently uncovered state of the art social engineering scheme, where once backdoored, chip and PIN terminals were installed at retailers and petrol stations in an attempt to steal the credit card details passing through.

August 19, 2008 by Dancho Danchev

2 Comments