Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Exploit code published for Apache Tomcat flaw

The United States Computer Emergency Response Team (US-CERT) has raised an alarm for a serious vulnerability in Apache Tomcat, warning that a proof-of-concept exploit is publicly available.The code, posted to Milw0rm.

August 21, 2008 by Ryan Naraine


FEMA's PBX network hacked, over 400 calls made to the Middle East

Someone's been chatting a lot during the weekend, but picking up FEMA's PBX network as their main carrier might not have been the smartest thing to do. Over 400 calls, lasting from three up to ten minutes were placed through their network, a breach made possible due to an insecurely configured Private Branch Exchange system :"A hacker broke into a Homeland Security Department telephone system over the weekend and racked up about $12,000 in calls to the Middle East and Asia.

August 20, 2008 by Dancho Danchev


Open source and the 'fear factor' mentality

Guest editorial by Emma McGrattanIn the current economic climate, businesses of every size are looking to reduce their spending wherever possible. Open source software, which has no upfront licensing fees, is one way of achieving significant savings.

August 20, 2008 by Ryan Naraine


Opera patches 7 vulnerabilities but keeps one a secret

Opera Software has shipped a new version of its flagship Web browser with fixes for at least seven documented security problems but details on one vulnerability -- a cross-site scripting issue reported by Chris Weber-- is being kept under wraps.Opera warned that one of the seven flaws is rated "extremely severe" because of the risk of arbitrary code execution.

August 20, 2008 by Ryan Naraine


Can Adobe mitigate 'clipboard hijack' issue?

Adobe's product security incident response team (PSIRT) says it is investigating possible solutions to the clipboard hijack attacks spotted on Flash-based advertisements on high-profile Web sites.A barebones note on the PSIRT blog simply acknowledges the issue and promised more information after the investigation but, by mentioning "possible solutions," it is clear that that Adobe is looking for ways to mitigate the threat.

August 20, 2008 by Ryan Naraine


Visa, banks to test real-time fraud alerts

Credit card giant Visa is teaming up with with eight North American banks to deliver fraud alerts in real-time via SMS (text messages) and e-mails to cell phones.The pilot program will allow about 2,000 Visa cardholders to set thresholds that will trigger an immediate transaction alert to a mobile device.

August 20, 2008 by Ryan Naraine


SpamZa - opt in spamming service fighting to remain online

A recently launched unethical spam list building service called SpamZa, is fighting to remain online after providing highly successful (87 spam emails in 8 minutes) into fulfilling its objective, namely, to sign up any email submitted to hundreds of newsletters anonymously.What is SpamZa anyway?

August 19, 2008 by Dancho Danchev


Scammers caught backdooring chip and PIN terminals

The U.K's Dedicated Cheque and Plastic Crime Unit (DCPU) have recently uncovered state of the art social engineering scheme, where once backdoored, chip and PIN terminals were installed at retailers and petrol stations in an attempt to steal the credit card details passing through.

August 19, 2008 by Dancho Danchev


Android security team appeals to hackers

Already burned by the discovery of serious security vulnerabilities in its SDK, the Android Security Team emerged from the shadows this week with an appeal to the security community for help fixing flaws in the Linux-based mobile platform.In a note posted to several public mailing lists, the open-source group published a detailed FAQ covering its security philosophy and process and made a direct request for hackers to use responsible disclosure (.

August 19, 2008 by Ryan Naraine


China busts hacking ring, managed to penetrate 10 gov't databases

If you needed a university certificate in China during the last couple of months, there's a big chance that a group of ten people could have supplied with you such, going a step further and adding your details in more than ten government databases across different provinces in the country, making $300k in the process.Shanghai Daily is reporting on this sophisticated group of local hackers who were selling "valid" educational certificates by modifying government databases.

August 19, 2008 by Dancho Danchev