Last week, TechCrunch's Jason Kincaid wrote about an obvious Twitter vulnerability that allowed a user called "johng77536" to game the popular micro-blogging service to add thousands of followers (subscribers) in a short period of time.The "johng77536" account has since been disabled but a security researcher tracking Twitter security flaws and weaknesses has discovered a new vulnerability that lets users easily game the "follow" system.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Showing you just how much they understand about security, McAfee blocked the SANS website, sans.org, as well as giac.
A week after |)ruid and HD Moore release part 2 of DNS exploit, HD Moore's company BreakingPoint has suffered a traffic redirection to a rogue Google site, thanks to the already poisoned cache at AT&T servers to which his company was forwarding DNS traffic :"It happened on Tuesday morning, when Moore's company, BreakingPoint had some of its Internet traffic redirected to a fake Google page that was being run by a scammer.
Just like every decent web service out there wanting to identify the iPhone's mobile Safari browser in order to serve custom applications, in this very same way malicious attackers would like to remotely identify iPhone devices through a basic pen-testing practice known as OS detection or OS fingerprinting. It seems that the difficulty level of identifying an iPhone device using nmap's criteria is a "trivial joke", namely, it's too easy to accomplish :"So, nmap 4.
The Guardian, out of the United Kingdom, is reporting that Gary McKinnon, the "world's most dangerous hacker", will be extradited to the United States to face criminal hacking charges. McKinnon, a 42 year old unemployed systems administrator from north London, allegedly hacked into systems belonging to the US army, navy, air force, and Nasa in 2001.
Guest editorial by Dino Dai ZoviIn evolutionary biology, the theory of punctuated equilibiria states that evolution is not a gradual process but instead consists of long periods of stasis interrupted by rapid, catastrophic change. This is supported by fossil evidence that shows little variation within a species and new species that appear to come out of nowhere.
Security code review specialists Fortify Software has issued a warning about major configuration weaknesses affecting SOA (service oriented architecture) deployments from IBM, Microsoft and Apache.According to Fortify, certain configurations of Apache Axis, Apache Axis 2, IBM WebSphere 6.
The end of the Neosploit web malware exploitation kit? RSA's FraudAction Research Labs recent monitoring of ongoing communications between Neosploit team members and their potential customers indicates so.
Graham Tibbetts of the UK Telegraph is reporting that the British Foreign Office has admitted to losing around 3,000 passports and visa stickers, which were stolen on their way from Manchester to RAF Northolt in London, where they were to be sent to British embassies. From the article:Officials claimed the chip technology incorporated in the passports would prevent them being used.
The distributors of Neosploit, one of the more dangerous drive-by download exploit kits on the Internet, have shut down operations because of financial problems, according to malware researchers at RSA FraudAction Research Labs.In a blog entry, the company said it found evidence that Neosploit will no longer be supported (yes, the do-it-yourself malware installation kit comes with terms of service and customer support!