What's the current state of click fraud, and what tools and tactics do the people behind click fraud campaigns have in their arsenal? A recently analyzed affiliate based network for using botnets to commit click fraud provides a timely assessment of the situation, and provides evidential facts on the internal success rate of such a consolidated botnet.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
It's Patch Day in the land of Mac OS X Leopard.Apple today shipped Security Update 2008-003 (Mac OS X 10.
Adobe has finally issued an almost-definitive statement on the reports of a zero-day attack targeting its flagship Flash Player, suggesting (kinda) that the vulnerability is already patched.
Dan Geer, a risk-management pioneer who is often described as "the dean of the security deep-thinkers' set," has left Verdasys to join In-Q-Tel as chief information security officer.Geer (left) will remain on the masthead at Verdasys as Chief Scientist Emeritus.
A great example of an attack where Web Application Firewalls (WAFs), simple scanning tools, HackerSafe certifications, and PCI (it might through some financial controls I'm not aware of) are not going to help you stay secure was posted by Kevin Poulsen over at the crime blog at blogs.wired.
Update 05/27/2007: One of the comments in the talkbacks (thanks kd5auq!)mentioned that there is no patch to be downloaded for AT&T based Motorola RAZR phones.
[ See important update to this story here ]Malware hunters have spotted a previously unknown -- and unpatched -- Adobe Flash vulnerability being exploited in the wild.The zero-day flaw has been added to the Chinese version of the MPack exploit kit and there are signs that the exploits are being injected into third-party sites to redirect targets to malware-laden servers.
I was thinking about the problem of identity theft today and looked back at notes I took during Nitesh Dhanjani and Billy Rios's presentation at Black Hat and Blue Hat recently and I came to the realization that our government should be doing more about this crap.You see, identity theft is an economy itself.
On the heels of an EUSecWest conference presentation on malicious rootkits for Cisco IOS (see background), Cisco's security response team has published a must-read document confirming that stealthy malware can be loaded on the software used on the vast majority of its routers and network switches.Cisco warns:It is possible that an attacker could insert malicious code into a Cisco IOS software image and load it onto a Cisco device that supports that image.
The recently released U.S Federal Computer Security Report Card for 2008, indicates that several critical to national security departments continue failing to implement the Federal Information Security Management Act (FISMA).