In a recently conducted comparative review, Danish security company Secunia, tested the detection rate of 12 different Internet Security Suites against 300 exploits (144 malicious files and 156 malicious web pages) affecting popular end user applications, to find that even the top performer in the test is in fact performing poorly in general. Their conclusion :"These results clearly show that the major security vendors do not focus on vulnerabilities.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Malicious attackers are once again taking advantage of event-based social engineering attacks, and are currently mass mailing fake notifications for Microsoft's Patch Tuesday, attaching a copy of Trojan.Backdoor.
It seems that not a day goes by without a new media alert regarding bad things in the chinese supply chain. First it was lead in our toys, then it was melamine in our milk, and now it also may be backdoors in our counterfeit Cisco hardware.
There are many ways of telling the world about a security vulnerability. A vulnerability can be announced without telling the vendor, it can be announced after giving the vendor a period of time to fix the issue, or it may just be circulated amongst the underground without ever coming to the surface.
We tend to say that information security is a small world. Conferences quickly become real-life demonstrations of the principle of six-degrees-of-separation.
It will be a very busy Patch Tuesday for administrators managing Microsoft Windows computer systems.According to Microsoft's advance notice mechanism, 11 security bulletins will drop next Tuesday (October 14, 2008), covering a wide range of serious vulnerabilities.
Apple has shipped another whopper of a patch to cover a total of 40 documented vulnerabilities affecting the Mac OS X ecosystem.The Security Update 2008-007, available for Tiger and Leopard, covers a range of third-party components and Mac OS X flaws that could users at risk of remote code executions attacks.
Buried in the flurry of feature-related news surrounding the release of Opera 9.6 is the fact that the update fixes an "extremely severe" vulnerability that could expose Opera users to code execution attacks.
Asus has confirmed and apologized to customers (press release in Japanese; translated version) for shipping malware on the recently introduced Eee Box desktop computer :"According to an email sent out by Asus, PC Advisor reports, the Eee Box's 80GB hard drive has the recycled.exe virus files hidden in the drive's D: partition.
The U.S. Justice Department today announced that a federal grand jury in Knoxville, Tennessee has indicted the 20-year-old son of a state lawmaker in connection with the compromise of Sarah Palin's Yahoo e-mail account.