Microsoft's implementation of the UAC (user account control) mechanism in Windows Vista continues to take a beating from security researchers.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
A stack-based buffer overflow in the Snort IDS (intrusion detection system) could leave government and enterprise installations vulnerable to remote unauthenticated code execution attacks.
Mozilla's Firefox browser suffers from a design flaw that puts casual surfers at risk of phishing attacks; Microsoft applies for a patent covering the discovery and notification of browser-based phishing attempts.
The anti-phishing community at CastleCops.com has been knocked out by a massive DDoS (distributed denial-of-service attack).
A critical code execution hole is found in µTorrent, everyone's favorite torrent client. Dirty .torrent files could be used to in PC-takeover attacks.
A router hijack exploit scenario detailed by researchers at Symantec may affect Cisco routers that are marketed for the Small Office/Home Office (SOHO), Remote Office/Branch Office (ROBO) and teleworker business segments.
Apple has started fixing security holes exposed during January's MoAB (Month of Apple Bugs) project.
Firefox and Internet Explorer users beware: There are serious, unpatched flaws in both browsers that could allow the manipulation of authentication cookies and the hijacking of files from your Windows machine.
In a zero-day world when Windows exploits are circulating for months before Microsoft can get patches ready, should Redmond consider a change in its monthly patch cycle?
Just 24 hours after Microsoft issued patches for critical holes in its Office suite, a brand-new Word zero-day attack is underway.