With the world's eyes on the latest multimedia streaming straight from Mars, during the weekend the Phoenix Mars Mission's site got hit twice, first by an Ukrainian web site defacer who posted a message at the site's blog, and hours later, the Turkish "sql loverz crew 2008" redirected the official mission's site, as well as the Lunar and Planetary Laboratory site to a third-part location serving the defaced page.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
UPDATE: Gmail, Yahoo and Hotmail's CAPTCHA broken by spammers. Jeff Yan and Ahmad Salah El Ahmad, at the School of Computing Science, Newcastle University, England recently published a research paper entitled "A Low-cost Attack on a Microsoft CAPTCHA", demonstrating how they've managed to attack the Microsoft's CAPTCHA used on several of their online services such as Hotmail and Windows Live, with over 92% recognition rate.
Microsoft has issued a formal security advisory with a confirmation of public warnings that the Safari "carpet bombing" vulnerability presents a remote code execution threat on all supported editions of Windows XP and Windows Vista.The pre-patch advisory from Redmond follows public pressure from the Google-backed StopBadware.
On the heels of last month's embarrassing site breach that allowed a hacker to redirect traffic from BarackObama.com to Hillary Clinton's Web site, the Obama campaign is looking to hire a network security expert to lock down its online operations.
Chinese girls talking about using SQL injections to serve malware and ARP spoofing, in between sharing do-it-yourself tutorials on XSS worms? Sexy.
A high-severity security flaw in the Creative Software automatic update engine could put Windows computers at risk of remote code execution attacks, according to a warning from the US-CERT (Computer Emergency Readiness Team).The vulnerability affects the software used to provide updates to Creative Labs' audio/video entertainment product line, which includes the popular Zen MP3 player line.
It's official, even a pothead can social engineer Network Solutions.
Apple makes a big deal -- and lots of funny commercials -- around the security profile of its products. On the Safari download site, the boast is that users get "worry-free Web browsing on any computer" because, in Cupertino's words, "Apple engineers designed Safari to be secure from day one.
So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would post more).
For a couple of hours yesterday, Comcast's Internet Portal (comcast.net) had its DNS records hijacked and a defaced web page was loading from third-party domains.