An independent security researcher has released details on a two-stage malware attack against Windows Vista to show how easy it is for non-privileged code to replace shortcuts on the Start Menu and intercept UAC (User Account Control) privilege elevation prompts.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is an outspoken and controversial author and journalist; she contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Polish hacker Joanna Rutkowska has teamed up with reverse engineering expert Alexander Tereshkin to to launch a new security services startup called Invisible Things Labs.
Katie Moussouris, a pen testing specialist who founded and managed Symantec Vulnerability Research, has left 'Big Yellow' to join Microsoft as a security strategist.
At the ToorCon Seattle (beta) conference, Web application security specialist Robert Hansen (RSnake) demoed Mr-T (Master Recon-Tool), a new utility that combines information disclosure bugs in Internet Explorer and Firefox to collect information on a target's computer system.
According to an alert posted on The Pirate Bay's blog, the stolen user credentials were encrypted but the site is still urging users to immediately change usernames and passwords to avoid the risk of identity theft.
A security researcher in India is warning that Citibank's new virtual keyboard anti-phishing mechanism can be easily defeated.
Apple has released a new version of the open-source Darwin Streaming Server to plug a pair of security flaws that could cause code execution attacks.
White hat hackers have descended on Seattle for two semi-private security conferences where new attack and exploitation techniques are being discussed.
Microsoft plans to ship a file conversion tool to give Office 2003 users a chance to protect against exploits rigged into .doc, .xls, .ppt documents.
Microsoft has released seven advisories -- all rated critical -- with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Vista is affected by 6 of the 19 flaws.