Update: Microsoft is NOT at fault for this! There seems to be some confusion within the talkbacks on this subject about this being Microsoft's fault, and also some strange claims that development shops who do only .
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
The Pwn2Own contest rules were announced recently for CanSecWest '08 coming up next week.Unfortuantely, or fortunately (depending on how you look at it), I won't be able to join in the fun as I will be presenting at Black Hat Europe next week, although you can rest assured I'm going to take a stab at the contest from remote!
Apple delivered a security update for Tiger and Leopard Tuesday with at least 80 patches addressing multiple vulnerabilities.You know it's a big patch haul from Apple when you read the advisory and:You're not sure where to begin;You're IMing fellow security folks (Ryan Naraine) to count CVE numbers for some clue of how many patches are included.
Apple on Tuesday patched code execution and cross-site scripting vulnerabilities on Tiger, Leopard, Vista and XP in a Safari update that included 13 patches.Apple historically has delivered patches along with new feature or software updates.
Hannaford Bros., a supermarket chain with stores primarily in the Northeast and Florida, said Monday that it was hit by a data breach that exposed 4.
Another day another ActiveX problem. This time an ActiveX vulnerability in CA BrightStor ARCServe Backup could be exploited to compromise a user's system.
Web defacement archive Zone-H.org has produced a comprehensive three-year report on Web Server defacements for 2005 to 2007.
Microsoft plugged more than a few vulnerabilities in Excel last week, but the trade off may be calculation errors.Microsoft's Bill Sisk said in a post late Friday following the software giant's latest patch batch:I wanted to let you know that we have updated bulletin MS08-014 to provide additional information on a newly identified issue that causes Microsoft Excel 2003 calculations to return an incorrect result when a Real Time Data source is used.
The Same Origin Policy is one of the guiding principles that seek to protect our browsing experience. The Same Origin Policy was originally released with Netscape Navigator 2.
It's not much fun when one of your security vendors falls to a Web attack. Infoworld reports that TrendMicro was a victim of a recent Web attack that used legit sites to deliver malware.