In a combination of domain typosquatting next to spoofed image files, malware authors managed to successfully impersonate ImageShack, the 5th largest image hosting website on the Internet, the result of which is a malware campaign circulating over MSN, enticing users into infecting themselves by clicking on the spammed links to fake image files.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
In what appears to be an attempt to provoke Apple to reconsider its currently passive position on the severity of the dubbed as "carpet bomb" flaw, a working Proof of Concept exploit code has been released at Liu Die Yu's security blog :Nitesh Dhanjani discovered that Safari for Windows puts downloads automatically to Desktop and argued this can potentially make a mess of Desktop, naming it the effect of "Safari Carpet Bomb".
First off, let me start by saying _dietrich has been following our blog for quite some time and is a consistent poster, providing good advice on how to use Linux securely, sometimes as an alternative to Windows technologies. I wouldn't have commented about this in a blog posting, except that I took some offense to the way that Dietrich characterized my article in remarks on his blog.
Microsoft's Patch Tuesday train rumbled into the security station today with high-priority patches for multiple vulnerabilities affecting Internet Explorer, the Bluetooth stack in Windows and Microsoft DirectX.In all, the Redmond, Wash.
In one of these moments when those who are supposed to know, don't know, and those who don't realize what they know aren't reaching the appropriate parties, it's time we get back to the basics - finding out who's behind GPcode, and trying to tip them on the consequences of their blackmailing actions in between collecting as much actionable intelligence as possible using OSINT (open source intelligence) and CYBERINT (cyber intelligence practices).
Apple has shipped a highly critical QuickTime software update with patches for at least five code execution vulnerabilities haunting Windows XP, Windows Vista and Mac OS X users.With QuickTime 7.
I want to start out by saying that I take great personal risk of getting black listed before my flight to K.C.
First off, I want to apologize to our readers for not being here as much last week. I had a rough week involving a random ear infection and the loss of an aunt to cancer, so it was not a week where I was very concerned about computer security or my blog.
John Heasman posted a sneak preview of our Black Hat presentation, which will happen in August in Las Vegas today. This particular attack is extremely interesting, multi-stage nastiness involving the use of Java to steal domain credentials.
Virus analysts at Kaspersky Lab (my employer) have intercepted a new variant of Gpcode, a malicious virus that encrypts important files on an infected desktop and demands payment for a key to recover the data.The biggest change in this variant of the ransomeware is the use of RSA encryption algorithm with a 1024-bit key, making it impossible to crack without without the author's key.