Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Skype patches security policy bypassing vulnerability

In a security bulletin issued two days ago, Skype's latest version fixes a File URI Security Bypass Code Execution Vulnerability originally reported by Ismael Briones : Remote exploitation of a security policy bypass in Skype could allow an attacker to execute arbitrary code in the context of the user.The "file:" URI handler in Skype performs checks upon the URL to verify that the link does not contain certain file extensions related to executable file formats.

June 5, 2008 by Dancho Danchev

Comments

Microsoft previews three critical bulletins

Microsoft on Thursday previewed three critical security bulletins addressing Internet Explorer, Bluetooth and DirectX in various flavors of Windows, including Vista.In its advance notification, Microsoft issued three critical bulletins for items to be patched June 10.

June 5, 2008 by

Comments

Metasploit Project's site hijacked through ARP poisoning

Metasploit, the open-source platform for developing, testing, and using exploit code, got its official project site briefly hijacked on Monday by a well known member of the Chinese underground who left the following message offering a new zero day exploit for sale - "hacked by sunwear! just for fun!

June 3, 2008 by Dancho Danchev

5 Comments

Online brand-jacking increasing

With the evolving sophistication of online scammers' understanding of social engineering and trust building online, the techniques they use to build authenticity into their scam propositions have started directly influencing a targeted brand's reputation online in the most negative way possible - the loss of a customer's trust into the brand's capabilities to defend itself against impersonation attacks.

June 3, 2008 by Dancho Danchev

4 Comments

Phoenix Mars Lander's mission site hacked

With the world's eyes on the latest multimedia streaming straight from Mars, during the weekend the Phoenix Mars Mission's site got hit twice, first by an Ukrainian web site defacer who posted a message at the site's blog, and hours later, the Turkish "sql loverz crew 2008" redirected the official mission's site, as well as the Lunar and Planetary Laboratory site to a third-part location serving the defaced page.

June 2, 2008 by Dancho Danchev

13 Comments

Microsoft's CAPTCHA successfully broken

UPDATE: Gmail, Yahoo and Hotmail's CAPTCHA broken by spammers. Jeff Yan and Ahmad Salah El Ahmad, at the School of Computing Science, Newcastle University, England recently published a research paper entitled "A Low-cost Attack on a Microsoft CAPTCHA", demonstrating how they've managed to attack the Microsoft's CAPTCHA used on several of their online services such as Hotmail and Windows Live, with over 92% recognition rate.

May 31, 2008 by Dancho Danchev

Comments

Microsoft issues Safari-to-IE blended threat warning

Microsoft has issued a formal security advisory with a confirmation of public warnings that the Safari "carpet bombing" vulnerability presents a remote code execution threat on all supported editions of Windows XP and Windows Vista.The pre-patch advisory from Redmond follows public pressure from the Google-backed StopBadware.

May 30, 2008 by Ryan Naraine

54 Comments

Obama looking for help thwarting Web site hackers

On the heels of last month's embarrassing site breach that allowed a hacker to redirect traffic from BarackObama.com to Hillary Clinton's Web site, the Obama campaign is looking to hire a network security expert to lock down its online operations.

May 30, 2008 by Ryan Naraine

3 Comments