A remote buffer overflow vulnerability in the Linux Kernel could be exploited by attackers to execute code or cripple affected systems, according to a Gentoo bug report that just became public.The flaw could allow malicious hackers to launch arbitrary code with kernel-level privileges.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
According to TPM Muckraker and this press release, the Republican National Committee is lining up the computer forensics firm Forensicon to provide analysis on e-voting machines to form the basis of a legal attack against the validity of the 2008 presidential election.
During the weekend, Google and T-Mobile pushed a patch fixing last week's disclosed security flaw affecting Google's Android. The flaw and the PoC were communicated to Google on October 20th, with the vulnerability itself made possible due to Android's use of outdated third-party software packages.
First came Microsoft's emergency patch. Then the public release of reliable exploit code.
(See important update below for information on patching this vulnerability). Heads up for Windows users: There's a critical, remotely exploitable vulnerability in Adobe Acrobat/Reader version 8.
Unless you have been living under a rock for the past 24 months, you should be well aware that tomorrow millions of Americans will be going to the polls to select their representative, one-third of their senators, and the next president. In general, Americans have become wary of the election process ever since the litigation that follows the 2000 election.
One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released flaws. They'd be wrong.
The concept of building a fraudulent ecosystem by abusing legitimate services only is nothing new, and as we've already seen numerous times throughout the year, malicious attackers are actively embracing it. Bebo, the popular social networking site is currently under attack from spammers that are automatically registering thousands of bogus accounts advertising fake online pharmacies, with the campaign owners receiving revenue through an affiliate based program.
This weekend marks the 20th anniversary of the Internet Worm, the first major worm that propagated on the Internet. Even though many years have passed and underlying media has changed, worms are still able to wreak havoc and keep system administrators up at night.
With the exact number of end users interacting with phishing emails by submitting bogus data still unknown, phishers are on the other hand continuing to apply basic quality assurance processes ensuring that they will be collecting only validated credit card details, and limiting the opportunity for researchers and end users to poison their campaigns.