Security researcher Dancho Danchev said Friday that SEO poisoning attacks have scaled up and are attacking well known sites. Google has been filtering its results as a defense, but Danchev's latest finding brings up an interesting question: Can the defenses scale?
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
The MacBook Air fell in two minutes at the CanSecWest security conference's PWN 2 OWN.According to Infoworld, Charlie Miller won the $10,000 prize.
EMC said Thursday that it is partnering with Verint to offer physical security services.Verint provides IP video security software and dashboards.
Cisco patched multiple vulnerabilities on Wednesday with the most important fixes covering data-link switching, IPv6 and VPN flaws.Among the highest rated patches (all rated 7 or above on a 10 scale):Cisco patched multiple vulnerabilities in the Data-link Switching (DLSw) feature in its IOS.
Mozilla has patched 10 vulnerabilities in Firefox 2.0 with update 2.
Considering my previous posts on my experiences at Black Hat Federal received pretty good reviews, I thought it would make sense to again highlight a Black Hat trip. This time it was all the way out to Amsterdam, where Rob Carter and I will be speaking about URI Use and Abuse.
In my first post in this series, I discussed the Same Origin Policy and how it protects us from some very serious attacks, the dangers of domain name based trust, and how to attack implementations of the Same Origin Policy within the Java Virtual Machine (JVM). In order to demonstrate these concepts, I used two examples of real-world attacks against the Same Origin Policy implementation within the JVM.
Microsoft has confirmed reports of vulnerability in Word that allows an attacker to exploit a system via the Microsoft Jet Database Engine, which shares data with Access, Visual Basic and third party applications.Microsoft in its advisory said the potential for attack is "very limited.
As reported by Robert McMillan and Elizabeth Montalbano at IDG News Service, Sequoia voting systems web site has been hacked and subsequently taken down.Sequoia and its voting system is not new to the news, as it was recently investigated by the Attorney General of New Jersey for "voting discrepancies" in last months primaries.
Robert Hansen aka R-Snake has posted a very interesting article today over at his blog. As R-Snake states:Whelp, we’ve talked about it, but now it’s finally possible.