On the heels of an EUSecWest conference presentation on malicious rootkits for Cisco IOS (see background), Cisco's security response team has published a must-read document confirming that stealthy malware can be loaded on the software used on the vast majority of its routers and network switches.Cisco warns:It is possible that an attacker could insert malicious code into a Cisco IOS software image and load it onto a Cisco device that supports that image.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
The recently released U.S Federal Computer Security Report Card for 2008, indicates that several critical to national security departments continue failing to implement the Federal Information Security Management Act (FISMA).
You cannot say something's good or bad unless you benchmark or compare it against something else. According to the Linus's Law, "given enough eyeballs, all bugs are shallow", a mentality which when combined with static code analysis of the most popular and widely used open source projects such as Firefox, Linux and PHP and benchmark it against 250 other open source projects, can truly make an impact.
In a reponse to the recently released cluster analysis of the top 10 worst domain registrars in terms of spam and junk content hosting domains, the ICANN has taken steps to approach the non-compliant registrars :More than half of those registrars named had already been contacted by ICANN prior to publication of KnujOn’s report, and the remainder have since been notified following an analysis of other sources of data, including ICANN’s internal database.
What is the current state of Storm Worm activity, how many infected IPs are found to host the malware on a daily basis, which are the latest domains used by the Storm Worm, and which countries have the largest infected population?
Facebook, the second most popular social networking site in the U.S according to Nielsen, is currently vulnerable to a critical XSS, allowing the injection and execution of malicious scripts within the popular site.
The folks at Australian mega-telco Telstra are wiping eggs from their faces after distributing malware-infected USB drives to attendees at this year's AusCERT security conference.AusCERT's marketing manager Claire Groves confirmed the USB sticks came certified pre-owned (thanks Dan Geer) and were given out at a tutorial at the conference.
Can you remember being a kid, when your parents first told you what your SSN was? I remember mine telling me to never give it to anyone.
Last week, Google's Niels Provos made an announcement regarding a newly introduced feature aiming to help owners of compromised sites in understanding the implications of the compromise, as well as the malicious events that took place when Google last indexed the site.
Trillian users beware: There are multiple serious security holes in the popular cross-platform IM application.According to alerts issued by TippingPoint's Zero Day Initiative (ZDI), the vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Trillian Pro.