Update 2/23/2008 - Cisco confirms vulnerability in 7921 Wi-Fi IP phoneSecurity conscious businesses and organizations who implemented 802.1x/EAP enterprise-grade authentication are at risk with certain implementations of wireless LAN VoIP handsets.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Day 1 at Black Hat brought some outstanding talks. The day started off with David Hulton (aka h1kari, also the producer of ToorCon) and Steve (from THC), who presented on "Cracking GSM".
The proposed 3Com takeover has hit another snag with the Committee on Foreign Investment in the United States (CFIUS).In a statement Wednesday, 3Com said Bain Capital Partners and Huawei Technologies have withdrawn their filing with the CFIUS regarding their proposed merger.
Microsoft outlined what it does with incoming vulnerability research, how it designates flaws and playing the cloak-and-dagger game with hackers.In a Q&A with Ryan Naraine, Jonathan Ness, the lead software engineer on Microsoft's SWI Defense team, addressed a big emerging issue between the software giant and security researchers: Who has the onus to reproduce the flaw?
Gene Hodges, CEO of Websense, has had a busy year. The company has integrated the acquisition of SurfControl, built out its security suite and delivered strong financial results.
Due to a scheduling conflict, I can't make the Black Hat conference so we're calling for guest submissions for Zero Day.In a nutshell, we're looking for brief recaps of the Black Hat presentations and your take on the festivities since I can't be in three places at once.
In a blog posted yesterday on Opera's website, blogger Claudio Santambrogio tells us that he isn't happy about the way Mozilla handled an Opera security disclosure. Here's what Claudio had to say:Mozilla notified us of one security issue ( ) the day before they published their public advisory ( ).
Exploit code for Microsoft Works--which was just patched on Tuesday--and QuickTime is making the rounds.First up, the Microsoft Works exploit.
Cisco on Wednesday delivered patches to plug multiple overflow and denial of service vulnerabilities.In an advisory Cisco said multiple IP phone devices running the Skinny Client Control Protocol (SCCP) firmware were impacted.
Adobe has delivered three new bulletins warning about a critical code injection vulnerability that could allow an attacker to take over a system. The two primary platforms affected--Flash Media Server 2.