Update 07/16/2008: Apparently I neglected to mention that this has been patched already. Reading over it again and a heads up from a reader pointed out the error to me.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
From MessageLabs:Spam levels for the US in June have reached 86% compared to spam levels at 81.5% in the rest of the world.
In a move to bring direct competition to the US on who can be the bigger, badder, more blatant Big Brother, the United Kingdom has apparently decided to create a database holding the telephone numbers and email accounts of everyone in Britain. The details of every phone conversation, SMS, and email, as well as cellphone internet traffic would be held in the database for 12 months.
The Black Hat group on Twitter provided a message today alerting people to a webcast to be put on by Dan Kaminsky on the DNS vulnerabilities that I've heavily covered as follows: Dan Kaminsky breaks DNS, massive multi-vendor patch coming, details at Black Hat Vegas '08 Kaminsky and Ptacek comment on DNS flaw Don't doubt Deputy DanThe story has also received extensive coverage over at Securosis, where Rich Mogull has provided a podcast on the subject.
More details coming out on the Oracle patches that were released last week, see Ryan Naraine's write up here. David Litchfield, noted security researcher from NGSSoftware, released details of one of the vulnerabilities on the Full-Disclosure email list today, and the details are staggering.
Engadget's Joshua Topolsky reports that the iPhone Dev Team has already jailbroken an iPhone 3G. Topolsky writes: We can't say this is a surprise...
Ah, this is a fun little trick. I'm not sure if it represents a vulnerability, but certainly I expect Google will try to get rid of this feature.
WordPress, one of the fastest growing blog software providers, has shipped a new update with fixes for nearly 200 bugs and a major security-related change to disable remote publishing protocols by default.With WordPress 2.
Symantec has reported that the Neosploit toolkit has been updated to include attack vectors for the recent Microsoft Access ActiveX vulnerability. Neosploit is a toolkit for sale on the market (price estimates fall between $1500-$3000) that seeks to automate and extend the capability of browser exploits.
Kris Kaspersky, author of numerous books on reverse engineering and software engineering, will be presenting his research on remote code execution through Intel CPU bugs at the upcoming Hack in the Box Security Conference in Malaysia.