Thierry Zoller, a security consultant at n.runs AG (one of the outside companies that did pen-testing on Windows Vista), argues that George Ou’s Vista speech command exploit is borderline cry-wolf.
Landon Fuller, a former engineer in Apple's BSD Technology Group, believes there's a place for immediate, third-party patches when there's a legitimate threat of code execution attacks. Now, he's mulling a plan to expand the month-of-Apple-fixes initiative.
The Cyber Security Industry Alliance has slapped three 'D' grades on the U.S. government's ability to secure sensitive data, strengthen the resiliency of critical infrastructure and protect the integrity of federal information.
Detailed exploit code for a gaping worm hole in CA's BrightStor ARCserve Backup product has been posted on the Internet, prompting strong "patch now or else!" warnings from security researchers.
The controversial MOAB (Month of Apple Bugs) project crossed the finish line today with a cryptic "coming soon" note, a promise to release an exploit for a remote kernel vulnerability and a vow from one of the organizers to stop publicizing his flaw findings. "My time disclosing exploits is over," said L.
What does a targeted Microsoft Word zero-day attack look like? A quick flicker when the .doc is opened is sometimes the only thing you'll see.
Virus trackers at Symantec have raised an alert for what is believed to be a fifth unpatched -- and previously unknown -- security flaw affecting Microsoft Word.
A vulnerability research company in Argentina has fitted an Oracle database rootkit into a zero-day exploit pack, adding a stealthy new danger to enterprise systems.
A security researcher in India has discovered "easy to exploit" ways to cheat Microsoft's OGA (Office Genuine Advantage) anti-piracy checks.