With the increasingly common spamming as a service underground propositions relying on botnets, and services offering thousands of pre-registered accounts at popular email providers, it would be logical to consider that old school techniques consisting of compromising accounts and abusing them to send as many spam emails as possible in the shortest time frame achievable, have long disappeared from the arsenal of the spammer. However, there are always "amateur exceptions" proving otherwise.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Microsoft is investigating new public reports of a zero-day Windows vulnerability that's being exploited in the wild.According to a this SecurityFocus alert, the attacks are exploiting a remote code-execution vulnerability due to an unspecified error in NSlookup.
A new open-source project called OpenVAS has emerged to take the place of Nessus, the popular vulnerability assessment system that closed its source a few years ago.The first stable version of OpenVAS, which is a fork of Nessus 2.
Despite the skepticism surrounding Kris Kaspersky's upcoming "Remote code execution through Intel CPU bugs" presentation to be held at this year's...
Lost in the shuffle of this month's Patch Tuesday barrage is the fact that a critical vulnerability in the ever-present Windows Media Player (WMP) was not fixed "because of a last minute quality issue."Microsoft originally listed the WMP update in the advance notice for August but, when the patches dropped on Tuesday, it had slipped because of patch-quality concerns.
Will disclose Nokia s40 security vulnerabilities for money?
Guest editorial by Derek CallawayThis post is meant to provide an approximation of BIND nameserver updates that occurred during the past month, most likely in response to Dan Kaminsky's DNS cache poisoning vulnerability. I conducted this research because I was curious as to how widely BIND nameserver updates have been deployed given that a month has passed since US-CERT first alerted the public about the nature of the vulnerability and availability of patches.
The PHP Group has shipped the last and final patch in the PHP 4.4 series.
L0pht hacker Kingpin is getting ready for prime time.Joe Grand, who used the Kingpin handle in his time as a member of the Boston hacker crew, will co-host Prototype This!
VMware boss Paul Maritz is blaming "a piece of code" mistakenly left in the final release of ESX for the time-bomb hiccup that crippled virtual machines around the world.In a message posted online, Maritz said the glitch caused a license expiration hiccup that caused virtual machines to be powered off, suspended fail or disrupted migration.