Violet Blue

Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.

Larry Seltzer

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years

Latest Posts

Apple security team finds code execution holes in Ruby

A member of Apple's security team has discovered multiple serious security vulnerabilities in Ruby, the popular open-source scripting language.According to an advisory on the Ruby project site, Apple's Drew Yao reported at least six of the vulnerabilities, which can be exploited to cause a denial-of-service  condition or the execution of arbitrary code.

June 20, 2008 by Ryan Naraine


Phishers targeting Facebook users, fake logins spammed through hacked accounts

A currently active phishing campaign is circulating across Facebook end users' walls, using already compromised accounts to post the phishing links, tricking the user into thinking it's a legitimate friend sending the message in order to redirect them to a fake login page. The campaign is taking advantage of multiple typosquatted domains which are in a fast-flux state, namely, they respond to multiple IP addresses and change them automatically every three minutes in this particular attack.

June 20, 2008 by Dancho Danchev


Free Sourcefire tool pinpoints hostile MS Office files

Sourcefire, the company behind the popular Snort intrusion detection system, has released a freeware utility to help identify potentially threatening Microsoft Office files.The tool, called OfficeCat, can be used to process Microsoft Office documents -- Word, PowerPoint, Excel and Publisher -- determine if possible exploit conditions exist.

June 20, 2008 by Ryan Naraine

1 Comment

About-face: Apple patches Safari 'carpet bombing' bug

In what amounts to a major about-face, Apple has patched the Safari "carpet bombing" vulnerability that led to a Safari-to-Internet Explorer remote code execution combo threat.After insisting for weeks that the issue is more of an irritant than a security risk, Apple today released Safari v3.

June 19, 2008 by Ryan Naraine


Microsoft blames 'human issues' for Bluetooth patch hiccup

Microsoft has re-released its critical MS08-030 bulletin for Windows XP SP2 and SP3 users, warning that "two separate human issues" caused a major hiccup with the critical security patch.The original version of the patch, which corrects a remote code execution flaw in the Windows Bluetooth stack, failed to properly fix the vulnerability for Windows XP users, according to Christopher Budd, a program manager in the MSRC (Microsoft Security Response Center).

June 19, 2008 by Ryan Naraine


Security breach hits DivShare, unauthorized access to its database

The popular document and media sharing service DivShare, suffered a security breach according to a security announcement posted by DivShare's support team earlier this week :Late last night we were alerted of a security breach that allowed a malicious user to access our database, which included user e-mail addresses and other basic profile information. No financial information has been accessed by any unauthorized parties.

June 19, 2008 by Dancho Danchev


2008 Pwnie Awards

Don't forget to go and vote on the Pwnie Awards, which will happen at Black Hat Vegas again this year.  I don't want to campaign for votes, but I wouldn't be pissed if some of my loyal readers out there voted for me, Billy Rios, Rob Carter, and John Heasman and some of our interesting research that I've presented here on the blog.

June 19, 2008 by Nathan McFeters