Archive for 2009

Keep Your Winter Emergency Kit Ready and Be Wary of Your GPS

December 29, 2009 - A Nevada couple spent Christmas Day stranded on a remote road in a snow-laden National Forest thanks to some less than stellar directions from their GPS. They survived the three days comfortably thanks to their (continue reading...)

Dragons Everywhere: The 26th Chaos Communication Congress, Part 2

December 29, 2009 - Day 2 and Night 2 of the 26th Chaos Communication Congress is over, so it’s time for a short update on what you are missing here. This year the Congress is organized as a distributed event: Many local Hacker (continue reading...)

Here Be Dragons: The 26th Chaos Communication Congress, Part 1

December 29, 2009 - Although most people enjoy the days between Christmas and New Year’s Eve with their families, hackers, geeks, security enthusiasts, and privacy activists meet in Berlin for the world’s oldest and Europe’s biggest annual Hacker Conference. Now in (continue reading...)

Metasploit Releases Module for IIS Local File Include Vulnerability

December 29, 2009 - Over the last few days there have been many articles written about an issue in Microsoft’s Internet Information Services (IIS). This issue allows an attacker to bypass normal security restrictions when uploading a file to a Web application running (continue reading...)

2010 Predictions: the Year of a Major Social Networking Security Breach?

December 28, 2009 - With the New Year just days away, it’s time for McAfee Labs 2010 Threat Predictions. What should you be wary of in the coming year? Social networks. Sites such as Twitter and Facebook have changed the way we communicate, interact, (continue reading...)

Blackhat SEO Campaign Targets After Christmas Sales

December 28, 2009 - Cyber criminals don't pause for a second when it comes to harnessing a new revenue stream. Over the last 24 hours, we have observed a Blackhat SEO campaign attempting to capitalize on the many "After Christmas" sales going on right (continue reading...)

Malicious Web Site / Malicious Code: Fox Sports Web Site Compromised

December 28, 2009 - Websense Security Labs™ ThreatSeeker™ Network has detected that the Fox Sports site has been compromised and injected with malicious code. Fox Sports is a division of the Fox Broadcasting Company. It specializes in the latest sports news and world sports (continue reading...)

VIPRE at the American Music Awards

December 28, 2009 - Adam Lambert may have stolen the show, but Sunbelt Software was at the American Music Awards too. You can see pictures here. John-Erich Mantius, who runs global consumer software here, was representing us. (Finally got around to (continue reading...)

Exploiting Microsoft IIS with Metasploit

December 28, 2009 - As of this afternoon, the msfencode command has the ability to emit ASP scripts that execute Metasploit payloads. This can be used to exploit the currently-unpatched file name parsing bug feature in Microsoft IIS. This flaw allows a (continue reading...)

Researchers take down Mega-D, one of top 10 botnets

December 28, 2009 - Atif Mushtaq, a researcher at FireEye security company, has coordinated a global effort to take down one of the top 10 botnets – Mega-D. PC World said the botnet controlled 250,000 machines in a massive network that was (continue reading...)

Twitter banned passwords

December 28, 2009 - As you may have heard in the last few days, Twitter has banned 370 passwords (actually only 369, ‘password’ appears twice in the list) as ‘too obvious’ to be safe for their users. A good move in theory but why (continue reading...)

Are You Ready To Protect The Next-Gen Workforce?

December 28, 2009 - The innovations that are taking place in the computer industry today are truly amazing. More specifically, these innovations have driven the infrastructure expansion of the Internet, created world wide access to trade and commerce, virtualization, consolidation and mobility, to name (continue reading...)

Writing Bots in Java

December 28, 2009 - Bots and botnets have been around for a long time. There's some innovation in the programming form, but the large majority are Windows executables in PE (Portable Executable) format. Cisco's security blog has (continue reading...)

Ranum’s Rants: Cloud Forum Roundtable

December 28, 2009 - I recently attended the San Francisco IANS Security Forum, where Hart Rossman and I facilitated several of the roundtable sessions. I thought I'd summarize a few of the "take-aways" and useful comments from each. Cloud Computing and Outsourcing was a (continue reading...)

The New Flight Security Rules, So Far

December 28, 2009 - After an attempted explosive attack on a U.S.-bound flight Friday, air travel security tightened and rules were changed. No official procedures were announced, but here's what fliers and news agencies are reporting as the standards (continue reading...)

Happy Holidays (Project Updates)

December 27, 2009 - Even though Metasploit 3.3.3 was just released on December 23rd, the holidays provided some free time for the community and the development team to add more shiny to the Metasploit Framework. Metasploit now has the ability to (continue reading...)

IIS Vulnerability Probably Not Serious For Most Servers

December 27, 2009 - A vulnerability in certain older versions of Microsoft's IIS (Internet Information Server) web server could allow an attacker to upload malicious files, bypassing some security checks. The vulnerability was discovered by Soroush Dalili (continue reading...)

The Twitter Banned Password List

December 27, 2009 - Below this text is a list of passwords not accepted by Twitter in their signup process. The list is copied from the HTML source at https://twitter.com/signup. You might call it the (continue reading...)

(Top?) 10 of the Most Infamous Unsolved Computer Crimes

December 27, 2009 - Security services firm infySEC has a cool list of what they call the Top 10 of the most infamous unsolved computer crimes. These aren't all famous, or infamous crimes, but the unsolved (continue reading...)

New Reports of a Vulnerability in IIS

December 27, 2009 - Hi everyone, On Dec. 23 we were made aware of a new claim of a vulnerability in Internet Information Services (IIS). We are still investigating this issue and are not aware of any active attacks but wanted to let (continue reading...)
