Consider this, Microsoft spends huge amounts of dollars and manpower creating protections for the Vista operating system, yet we still have old school vulnerabilities. Why?
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Airport security is obviously a major concern in our country, and I've made some observations that I'd like to share from my recent travels.February and March has turned out to be an insane travelling road show for me.
Bain Capital and Huawei will resubmit its bid for 3Com to the Committee on Foreign Investment in the U.S.
When I reported on the Vocera certificate security bypass flaw, SecurityFocus picked up on it and created Bugtraq ID 27935 to warn their customers about the vulnerability. I dropped a note to Secunia about the flaw but they seem to believe that a flaw is only a flaw if it was accidental and not an irresponsible design choice.
Finjan said it has uncovered a database with more than 8,700 FTP account credentials--user name, password and server address--that allow hackers to compromise security and deliver malware as a service.In a report released Wednesday, Finjan said the list of stolen accounts includes many Fortune 500 type companies.
It didn't take long for VMware to answer the security bell. The company on Wednesday announced a technology called VMsafe that aims to integrate security software with the hypervisor--the linchpin of virtualization software.
McAfee has unearthed a Windows Mobile PocketPC Trojan that disables security, installs via a memory card, can't be uninstalled and makes itself your home page.According McAfee's Avert Labs blog, the Trojan has been discovered in China.
CAPTCHAs sound like a great idea. Give humans a little test to verify they aren't machines, verify an account and thwart hackers.
Core Security Technologies said Monday that it has discovered vulnerability in VMware's desktop virtualization software that allows an attacker to gain complete control a system and launch executable files on the host operating system.The discovery is notable given that virtualization security is largely uncharted territory.
Two days after news of the Vocera Wi-Fi VoIP communicator PEAP security bypass vulnerability, I received confirmation from Cisco that their model 7921 Wi-Fi VoIP phone is also vulnerable to the same issue where digital certificates aren't cryptographically verified. Both Cisco and Vocera have told me that they intend to fix future implementations of PEAP and do the necessary steps to ensure certificate authenticity.