Make botnets, not war? In April, last year, I asked the question "Why establish an offensive cyber warfare doctrine when you can simple install a type of Lycos Spam Fighting screensaver on every military and government computer and have it periodically update its hit lists?
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Not to beat a dead horse, that's already been beaten to death time and time again, but...Update 05/12/08: Russ McRee has actually just posted a story about "Why PCI DSS is Doomed".
As assessment of a recently discovered in the wild email harvesting service, released for the purpose of harvesting names, email addresses, and other personal information from major career web sites, to be later on used for targeted spamming and malware campaigns.
Microsoft on Thursday previewed three critical bulletins for Microsoft Office and Windows and a moderate denial of service vulnerability for the company's security software.According to Microsoft's advance notification, the software giant will address the following in its Patch Tuesday update May 13:A critical remote code execution vulnerability primarily affecting Microsoft Office (Word) and another critical remote code execution flaw in Publisher.
Mozilla is warning that a Vietnamese language pack for Firefox 2 is carrying malware.In her blog, Mozilla security chief Window Snyder writes:The Vietnamese language pack for Firefox 2 contains inserted code to load remote content.
Hey all,I was fortunate enough to be invited to attend Microsoft Blue Hat v 7 as I had some research that Microsoft was interested in bringing me in to talk about. Microsoft got to have co-worker and fellow researcher Rob Carter and I in to talk to product security teams about some of the things we'd found, and we got a free pass to an invite only conference that had some great talks.
From Paul Miller at Engadget:"At last the moment you've been waiting for. Microsoft wants to hit your version of Windows with an update, and this time you don't have to go rummaging around the internet to find it: just fire up Windows Update and let Microsoft do all the work.
PDP, the leader of the Gnucitizen White Hat Hacker outfit announced the opening of the House of Hackers social community yesterday. The House of Hackers is intended to enable its members to exchange ideas with each other, communicate, form groups, elite circles and tiger/red teams, conglomerate around projects, and participate in a hacker recruitment market.
Google on Tuesday detailed plans for oCERT, a volunteer workforce that will remediate security issues in open source applications.The move makes a ton of sense.
The CORE Security Team released an advisory to the Full-Disclosure mailing list today that documented a stack overflow in NASA's Common Data Format libs.Looking at this bug, the tech details aren't overwhelming, I think I'm mostly excited about it due to the high profile of hacking NASA libs.