The U.S. Computer Emergency Readiness Team (CERT) has issued a warning for what it calls "active attacks" against Linux-based computing infrastructures using compromised SSH keys.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
When Microsoft's Internet Explorer 8 browser makeover ships later this year, it will feature several nifty privacy features aimed at giving surfers control over their Web footprints.One week after bloggers discovered clues that IE 8 will include a private browsing (ahem, porn mode), Microsoft used the official IE blog to discuss four new granular controls in the browser.
With Twitter's continuing growth, its popularity is logically starting to attract the attention of malicious parties, like spammers, phishers, and malware authors who wouldn't mind the fact that nobody is following them when they're actively updating several hundred users with their latest propositions.
[ UPDATE: Facebook has reversed itself and fixed this vulnerability ] The Register's Dan Goodin has the scoop on an obvious security vulnerability that's being ignored by the powers at Facebook.The issue, as demonstrated by this proof-of-concept, shows how a social network application can be rigged to hijack a Facebook user's session identification cookies, deliver pop-up messages or change the color of Facebook pages.
If the StopBadware coalition has its way, software updaters from Sun Microsystems (see screenshot above) and Apple will carry the embarrassing "badware" label.According to a draft of revamped guidelines (.
In what appears to be a mass defacement, where several hundred domains take advantage of a shared hosting provider, starting as of this Friday, an...
More than a week after a cryptic note hinted at a security breach at Fedora, the open-source group has finally fessed up to two separate server intrusions that compromised the security of Red Hat's OpenSSH packages.The confirmation follows eight days of media speculation and conjecture over a brief e-mail that simply mentioned "an issue in the infrastructure systems" and calls into question Red Hat's ability to promptly -- and accurately -- disclose security breaches.
Cybercriminals know how to take advantage of anticipated traffic by abusing the momentum of a particular event, like the U.S presidential election in this case.
The DNS server of one of China's largest ISPs has been poisoned to redirect typos to a malicious site rigged with drive-by exploits.According to a warning from Websense Security Labs, the DNS poisoning attacks are affecting customers of China Netcom (CNC) and are using a malicious iFrame to launch exploits for known vulnerabilities in RealNetworks' RealPlayer, Adobe Flash Player and Microsoft Snapshot Viewer.
According to published reports, Nokia and Sun have both confirmed the existence of serious security problems in the Series 40 and Java Platform Micro Edition (Java ME) , giving instant credibility to the claims by Polish hacker Adam Gowdiak.