For those of you who had been reading my Day 1, Day 2/Day 3, and Day 2 revisited stories about Black Hat Europe here on ZDNet, I'm sure you were wondering what happened to Day 4, the second day of conferences. Well, after a long delay, here it is!
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Finjan says Crimeware-as-a-Service (CaaS) is becoming an increasing problem and the ability of law enforcement to track malicious hackers will become increasingly hampered.On Monday, Finjan's Malicious Code Research Center (MCRC) released its first quarter Web security trends report (registration required) and highlighted CaaS.
Billy Rios covered a very interesting flaw in Google's code.google.
Microsoft on Thursday issued five critical security bulletins and three important ones for all flavors of Windows, Internet Explorer and Office. Vista and Windows Server 2008 are affected by four of the five critical bulletins.
Apple pushed out the latest version of QuickTime and patched 11 vulnerabilities in its third security update of 2008.Late Wednesday, Apple pushed the update, which covers QuickTime on all platforms.
In a comment in a talkback on the original issue discovered in Adobe Flash that led to the compromise of the Vista machine at the Pwn2Own contest, an Adobe representitive, Erick Lee, Manager of Adobe Secure Software Engineering Team (ASSET), claimed that Adobe knew of the flaw and has a patch on the way. This announcement acknowledges that Adobe knew of the risk, accepted it as their own, and was working on fixing it.
While checking out Billy Rios's XS-Sniper blog today, I noted that he had included an interesting link to some videos produced by Microsoft. I haven't had a chance to check them all out yet, but they are quite interesting.
Our coverage of the Pwn2Own contest has received a lot of attention, so I thought it would make sense to go straight to the source of the Adobe Flash exploit to get some first-hand accounts of what went down.
Why are we still talking about the value of PCI Compliance? Now we can all get it for free due to a great new product!
Ivan Ristic (pictured to the right) posted a story today on his blog that highlights some changes that are to go into effect in England sometime this year. The changes to the Computer Misuse Act (CMA) would appear to put security researchers and consultants in the UK at risk of being considered criminals.