If your company or organization runs an enterprise wireless LAN network, I have some troubling news for you. Odds are high that your current "enterprise-class" wireless LAN deployment is vulnerable to authentication leakage which not only exposes your internal network but all of your server access controls.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Google's Android SDK is facing multiple vulnerabilities that are remotely exploitable, according to Core Security Technologies.In an advisory, Core Security noted heap and interflow overflow issues with Android and reserved eight CVE identifiers.
I've recently seen a great Black Hat presentation by Felix (FX) Lindner (see pic 2) and a blog posting by Petko D. Petkov (PDP) (see pic 1) on the subject of hacking routers.
A PayPal executive last week recommended that its users ditch Apple's Safari browser since it doesn't have anti-phishing technology. If other phishing targets--banks, brokers and such--follow suit it could make anti-phishing technology the price of admission to recommend browsers.
I recently attended the eBay Red Team event at the eBay campus in San Jose, CA. and got a chance to sit in on several presentations, meetings, and discussions aimed at creating security awareness and knowledge sharing opportunities for several major decision makers in the information security space.
In the security industry it's not hard to run into someone predicting the demise of the anti-virus industry. But the end game will take forever to play out.
Consider this, Microsoft spends huge amounts of dollars and manpower creating protections for the Vista operating system, yet we still have old school vulnerabilities. Why?
Airport security is obviously a major concern in our country, and I've made some observations that I'd like to share from my recent travels.February and March has turned out to be an insane travelling road show for me.
Bain Capital and Huawei will resubmit its bid for 3Com to the Committee on Foreign Investment in the U.S.
When I reported on the Vocera certificate security bypass flaw, SecurityFocus picked up on it and created Bugtraq ID 27935 to warn their customers about the vulnerability. I dropped a note to Secunia about the flaw but they seem to believe that a flaw is only a flaw if it was accidental and not an irresponsible design choice.