* Ryan Naraine is on vacation. Guest editorial by Max WeinsteinIt's no secret that Web sites have become a medium of choice for delivering malware and soliciting personal information for criminal use.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Well, it would seem that Tom Ptacek may have figured out something to do with Dan Kaminsky's earlier DNS flaw, and this may actually be the vulnerability to fear that we had originally heard. Let's just say this, I've read Tom's postings on the Matasano blog for quite some time now, and he's a smart enough guy to not be easily impressed.
From Bill Sisk, security response communications manager for Microsoft:Microsoft Security Advisory (953635)Vulnerability in Microsoft Word Could Allow Remote Code ExecutionPublished: July 8, 2008Microsoft is investigating new public reports of a possible vulnerability in Microsoft Office Word 2002 Service Pack 3.
Well, well, well, what a day for security news!I got a chance to get the scoop word of mouth from Dan Kaminsky of IOActive (pictured above [image courtesy of quinnums]) and Thomas Ptacek of Matasano (pictured below) on the DNS flaw that's been all over the net today.
Right after the U.S Independence Day fireworks, Storm Worm latest campaign launched a couple of hours ago, is back online this time attempting to once again exploit client-side vulnerabilities, this time serving iran_occupation.
It would seem there's a bigger story to that MS08-037 flaw that came out for Patch Tuesday today.From Dave Lewis over at the Liquid Matrix security blog:Today Dan Kaminsky released a first, as far as I can recall.
Microsoft announced 4 "Important" security bulletins today that cover 9 separate vulnerabilities. Of note were vulnerabilities reported in Windows DNS server and client, and within SQL Server.
* Ryan Naraine is on vacation. Guest editorial by Aviv Raff Apple's Safari for Windows is a nice browser.
As we commented on, ICANN, the group that manages top-level domain (TLD) naming systems for the web, recently had several of its domains hijacked by a Turkish hacking group. ICANN has now commented that the hijacking was due to a security breach at the registrar that manages those URLs.
When you get so much spam that your anti-spam provider decides to use you in a marketing campaign, your spam problem turns into an asset for the community, and researchers running honeypots can only envy you for the sample of spam emails you receive on a daily basis. According to a recent press release by ClearMyMail :"ClearMyMail, has today announced the UK’s Top 5 most spammed email accounts that it protects, receiving a total of 3,900 – 44,000 spam emails each day.