A security researcher in India is warning that Citibank's new virtual keyboard anti-phishing mechanism can be easily defeated.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Apple has released a new version of the open-source Darwin Streaming Server to plug a pair of security flaws that could cause code execution attacks.
White hat hackers have descended on Seattle for two semi-private security conferences where new attack and exploitation techniques are being discussed.
Microsoft plans to ship a file conversion tool to give Office 2003 users a chance to protect against exploits rigged into .doc, .xls, .ppt documents.
Microsoft has released seven advisories -- all rated critical -- with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Vista is affected by 6 of the 19 flaws.
Like an old grandfather clock, the controversy surrounding last month's CanSecWest MacBook hijack contest just keeps on ticking, loud enough to stick in your ear but so monotonous and tiring that it's near impossible to perk up and listen.
Say what you want about the ethics of the "month of bugs" phenomenon, these vulnerability disclosure projects are getting immediate -- and valuable -- results.
Next week's Patch Tuesday updates from Microsoft will include fixes for a wide range of "critical" vulnerabilities in the Windows, Office and Exchange product lines, the software giant announced today.As part of its advance notice mechanism, Microsoft said a total of 7 bulletins will be released on May 8, 2007.
Secunia is muscling its way into the corporate vulnerability scanning market with a new tool that challenges established players like Tenable, Qualys and Sourcefire.
After a brief lull -- and two fakes -- the "month of bugs" security projects are back, taking aim this time at flaws in ActiveX controls used by software developers.