Throughout the month of June, a Ukranian hacker plans to shake out cross-site scripting bugs in the most popular search engines (think Google, Yahoo, MSN, Ask.com) and publish details on these security flaws.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of security. He is the author of three books and thousands of published articles and many more unpublished, private reports. Larry has been Technical Director at several test laboratories where he both directed and ran product testing, with a special interest in test automation. Larry began his career as a Software Engineer at the now-defunct Desktop Software Corporation in Princeton, NJ, on the team that wrote the NPL 4GL query language. He also worked on corporate IT and software development at Chase Econometrics. Larry is a graduate of the University of Pennsylvania with a degree in Public Policy.
Ms. Violet Blue (tinynibbles.com, @violetblue) is a freelance investigative reporter on hacking and cybercrime at Zero Day/ZDNet, CNET and CBS News, as well as a noted sex columnist. She has made regular appearances on CNN and The Oprah Winfrey Show and is regularly interviewed, quoted, and featured in a variety of publications that includes ABC News and the Wall Street Journal. She has authored and edited award-winning, best selling books in eight translations and has been a sex columnist for the San Francisco Chronicle. She has given keynote talks at such conferences as ETech, LeWeb, and the Forbes Brand Leadership Conference, and has given two Tech Talks at Google. In 2010, the London Times named Blue one of “40 bloggers who really count.” Ms. Blue is the author of The Smart Girl's Guide to Privacy. Violet Blue bio courtesy of TTI Vanguard.
Almost exactly a year after an intense botnet denial-of-service attack destroyed the renegade Blue Frog anti-spam service, the Israeli programmers are back and you won't believe what they're up to.
Microsoft plans to implement a major change to the Patch Tuesday advance notice mechanism to provide more details ahead of the release of security bulletins. The security bulletins are also undergoing a layout/design makeover.
Secunia's inspector identified about 4.9 million installed applications, and out of those, 1.4 million applications were found to be lacking critical security patches from the vendors. Opera users were the most tardy in applying critical patches for browser vulnerabilities.
An independent security researcher has released details on a two-stage malware attack against Windows Vista to show how easy it is for non-privileged code to replace shortcuts on the Start Menu and intercept UAC (User Account Control) privilege elevation prompts.
Polish hacker Joanna Rutkowska has teamed up with reverse engineering expert Alexander Tereshkin to to launch a new security services startup called Invisible Things Labs.
Katie Moussouris, a pen testing specialist who founded and managed Symantec Vulnerability Research, has left 'Big Yellow' to join Microsoft as a security strategist.
At the ToorCon Seattle (beta) conference, Web application security specialist Robert Hansen (RSnake) demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure bugs in Internet Explorer and Firefox to collect information on a target's computer system.
According to an alert posted on The Pirate Bay's blog, the stolen user credentials were encrypted but the site is still urging users to immediately change usernames and passwords to avoid the risk of identity theft.
A security researcher in India is warning that Citibank's new virtual keyboard anti-phishing mechanism can be easily defeated.
Apple has released a new version of the open-source Darwin Streaming Server to plug a pair of security flaws that could cause code execution attacks.
White hat hackers have descended on Seattle for two semi-private security conferences where new attack and exploitation techniques are being discussed.
Microsoft plans to ship a file conversion tool to give Office 2003 users a chance to protect against exploits rigged into .doc, .xls, .ppt documents.
Microsoft has released seven advisories -- all rated critical -- with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Vista is affected by 6 of the 19 flaws.
Like an old grandfather clock, the controversy surrounding last month's CanSecWest MacBook hijack contest just keeps on ticking, loud enough to stick in your ear but so monotonous and tiring that it's near impossible to perk up and listen.