An unpatched flaw in an ATI driver was at the center of the mysterious Purple Pill proof-of-concept tool that exposed a way to maliciously tamper with the Windows Vista kernel.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Microsoft plans to ship nine security bulletins next Tuesday with patches for a wide range of "critical" vulnerabilities affecting the Windows operating system, the Microsoft Office productivity suite and the widely deployed Internet Explorer browser.
On the same day Cisco released patches for multiple operating system and software vulnerabilities, the network routing and switching vendor suffered an outage that knocked the Cisco.com offline for about three hours.
Gunter Ollman, director of security strategy at IBM Internet Security Systems (ISS), believes there's no real accountability attached to the trading of vulnerability information by third party companies like iDefense and TippingPoint.
Rich Mogull, one of the more prominent analysts covering the hacker/security space, is leaving Gartner Research to take a stab at private consulting.
The race to defeat a key anti-rootkit/anti-DRM mechanism in Windows Vista has heated up again with the release of a tool that loads unsigned drivers into 64-bit Windows kernel and a swift decision by Microsoft to treat the utility as malicious spyware. But a third developer has joined the fray with "Purple Pill," a new utility that could be very troublesome for Microsoft if it works as advertised.
By now, you're probably read about Robert Graham's Black Hat presentation (.pdf) on hijacking Gmail accounts by wirelessly sniffing non-SSL session cookies.
Mozilla has moved swiftly to put the kibosh on late-night chatter that it can turn around patches for security flaws within ten f***ing days.
IBM is pulling the plug on BlackICE PC Protection/Server Protection, the highly-rate firewall product that came with last year's acquisition of ISS (Internet Security Systems).
I don't know about you but after watching the video and reading the reports about DefCon's outing of Dateline NBC producer Michelle Madigan, I came away with an uncomfortable feeling that it was rather childish, over-the-top and unnecessary.