Already burned by the discovery of serious security vulnerabilities in its SDK, the Android Security Team emerged from the shadows this week with an appeal to the security community for help fixing flaws in the Linux-based mobile platform.In a note posted to several public mailing lists, the open-source group published a detailed FAQ covering its security philosophy and process and made a direct request for hackers to use responsible disclosure (.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
If you needed a university certificate in China during the last couple of months, there's a big chance that a group of ten people could have supplied with you such, going a step further and adding your details in more than ten government databases across different provinces in the country, making $300k in the process.Shanghai Daily is reporting on this sophisticated group of local hackers who were selling "valid" educational certificates by modifying government databases.
Here's a paradox - a technology originally meant to verify the sender of an email message for the sake of preventing spoofed messages from reaching the network, still hasn't been embraced by the world's biggest companies despite being around for years, but is actively used by adaptive spammers increasingly abusing legitimate services in order to take advantage of their identifiable email reputations.
Guest editorial by Rob FullerDEFCON, the 9000+ attendee hacker conference in Vegas has become a sort of hydra conference. It has become more like a global fair than what most people think of conferences; even the badge is highly unique.
If uTorrent is the client you use to download files, now might be a good time to hit that "check for updates" button.According to security alerts aggregator Secunia, there's a "highly critical" uTorrent vulnerability that could allow remote code execution attacks with rigged .
Malicious hackers are using booby-trapped Flash banner ads to hijack clipboards for use in rogue security software attacks.In the Web attacks, which target Mac, Windows and Linux users running Firefox, IE and Safari, hackers are seizing control of the machine's clipboard and using a hard-to-delete URL that points to a fake anti-virus program.
Metasploit developer Matt Miller, who for years frustrated Microsoft officials with the public release of Windows exploits, is heading to Redmond to join Microsoft's Security Science team.Miller, who uses the hacker moniker Skape,will work on improved ways to find security vulnerabilities and better software defenses through mitigations, according to an announcement by SDL guru Michael Howard.
Has there been a security breach in Red Hat Fedora's infrastucture systems?According to a cryptic announcement posted to the Fedora-Announce mailing list, the open-source group is investigating an unspecified "issue in the infrastructure systems" that has resulted in widespread service outages.
Guest post by Oliver DayMy PowerBook is in the third year of its life and has begun falling apart on a regular basis. I’ve had the laptop in for repair at least five times this year alone.
With the increasingly common spamming as a service underground propositions relying on botnets, and services offering thousands of pre-registered accounts at popular email providers, it would be logical to consider that old school techniques consisting of compromising accounts and abusing them to send as many spam emails as possible in the shortest time frame achievable, have long disappeared from the arsenal of the spammer. However, there are always "amateur exceptions" proving otherwise.