Security researcher Elazar Broad has found another vulnerability in Facebook's Aurigma ImageUploader control. And these vulnerabilities are stacking up.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years.
StopBadware.org has nailed RealPlayer in its latest report on badware and ranks it alongside such software gems as the Jessica Simpson Screensaver, Fake-Mailer, Drive Cleaner 2006 and WinAntiVirus 2006.
Oracle has a belated reply to a survey a few weeks back on how database administrators have never installed one of the company's critical patch updates. In a blog post Oracle's Eric Maurice faults the survey for relying on a small sample size--not that it stopped us from reporting it.
When Robert Graham demonstrated how Web 2.0 wasn't safe at last year's Blackhat, it was thought that at least the SSL mode (HTTPS) of Google Gmail would be spared from sidejacking.
Mozilla has given a proof-of-concept Firefox vulnerability a "high severity" rating because an attacker can collect session information such as cookies and history, according to Mozilla security chief Window Snyder. Snyder said the vulnerability will be patched with Firefox 2.
A workable exploit attack for a TCP/IP vulnerability in Microsoft's Windows has been launched into the wild courtesy of security firm Immunity. On Jan.
The Metasploit Project released version 3.1 of its exploit development and attack framework.
Claim: The popular urban legend debunking site Snopes is pushing Adware onto its readers. Status: True (No longer true since their shaming from Alex Eckelberry and this blog on 1/28/2008).
Jerome Kerviel, the Societe Generale trader who managed to lose more than $7 billion without the bank noticing, is facing charges of fraud and forgery. Security lessons of this debacle abound.
A few items of note: There's a Western Union spam with Trojan payload; Beware Super Bowl hijinx this week; And if you really want to be a malicious hacker move to Japan. Among the notable:
Western Union spam with Trojan
Sunbelt Software reports that it has seen a fair number of spams with a Trojan payload.