In my most recent discussion on McAfee, I posted a talkback to Russ McRee stating, tongue in cheek mind you, that it'd be interesting to see an XSS or SQL Injection on McAfee's site, see if they are indeed "McAfee Secure". Well, I guess you get what you ask for...
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Make botnets, not war? In April, last year, I asked the question "Why establish an offensive cyber warfare doctrine when you can simple install a type of Lycos Spam Fighting screensaver on every military and government computer and have it periodically update its hit lists?
Not to beat a dead horse, that's already been beaten to death time and time again, but...Update 05/12/08: Russ McRee has actually just posted a story about "Why PCI DSS is Doomed".
As assessment of a recently discovered in the wild email harvesting service, released for the purpose of harvesting names, email addresses, and other personal information from major career web sites, to be later on used for targeted spamming and malware campaigns.
Microsoft on Thursday previewed three critical bulletins for Microsoft Office and Windows and a moderate denial of service vulnerability for the company's security software.According to Microsoft's advance notification, the software giant will address the following in its Patch Tuesday update May 13:A critical remote code execution vulnerability primarily affecting Microsoft Office (Word) and another critical remote code execution flaw in Publisher.
Mozilla is warning that a Vietnamese language pack for Firefox 2 is carrying malware.In her blog, Mozilla security chief Window Snyder writes:The Vietnamese language pack for Firefox 2 contains inserted code to load remote content.
Hey all,I was fortunate enough to be invited to attend Microsoft Blue Hat v 7 as I had some research that Microsoft was interested in bringing me in to talk about. Microsoft got to have co-worker and fellow researcher Rob Carter and I in to talk to product security teams about some of the things we'd found, and we got a free pass to an invite only conference that had some great talks.
From Paul Miller at Engadget:"At last the moment you've been waiting for. Microsoft wants to hit your version of Windows with an update, and this time you don't have to go rummaging around the internet to find it: just fire up Windows Update and let Microsoft do all the work.
PDP, the leader of the Gnucitizen White Hat Hacker outfit announced the opening of the House of Hackers social community yesterday. The House of Hackers is intended to enable its members to exchange ideas with each other, communicate, form groups, elite circles and tiger/red teams, conglomerate around projects, and participate in a hacker recruitment market.
Google on Tuesday detailed plans for oCERT, a volunteer workforce that will remediate security issues in open source applications.The move makes a ton of sense.