March 3, 2011 - The most recent malware attack on the Android Market is already well described in several good write-ups, but I wanted to analyse the samples we received in our collection. The (continue reading...) Read more
February 27, 2011 - Will you be in Brisbane, Queensland, this evening (Tuesday 01 March 2011)? Are you interested in learning about security and meeting a bunch of like-minded people? If so, why not attend (continue reading...) Read more
February 23, 2011 - Until recently, only remote code execution vulnerabilities have made the mainstream news. These are the bug strains which may let an attacker get into (continue reading...) Read more
February 3, 2011 - Just a quick follow up on the Microsoft Security Advisory (2501696) post that my colleague Randy Abrams wrote about on January 28th regarding Microsoft's recent MHTML vulnerability, which is listed by ESET as HTML/Exploit.CVE-2011-0096.A in our (continue reading...) Read more
January 30, 2011 - Intel's Chief Technology Officer, Justin Rattner, has been pretty gung-ho with the world's technology press in the past week. His approach seems to have worked, if even a few (continue reading...) Read more
January 20, 2011 - Although 0day vulnerabilities receive all the attention, it’s not unusual to see attackers still taking advantage of old vulnerabilities to attack end users. Here's such an example where the vulnerability used was (continue reading...) Read more
January 11, 2011 - In the first Patch Tuesday of 2011, Microsoft published just two security bulletins, unsurprisingly named MS11-001 and MS11-002, fixing three vulnerabilities with two patches. All Microsoft security (continue reading...) Read more
January 7, 2011 - Picture from https://secure.wikimedia.org/wikipedia/en/wiki/File:Casino_slots.jpg This is a really bizarre computer crimes case. A man knows of a bug in a gambling machine at casinos. He goes into (continue reading...) Read more
December 22, 2010 - A remote code execution vulnerability against Internet Explorer was announced recently, and a proof-of-concept exploit has already been added to the Metasploit products. Microsoft doesn't (continue reading...) Read more
December 20, 2010 - 1. NSA considers its networks compromisedRead More 2. Top Five Vishing TechniquesRead More 3. New Google service identifies hacked sitesRead More 4. Your Apps Are Watching YouRead More 5. FarmVille players lured with fake "farm cash" offer (continue reading...) Read more
December 13, 2010 - Jailbreaking your iOS device used to simply be about gaining some freedom–getting root access, installing native apps, and adding or modifying themes. The worst that could happen would be running into a slightly (continue reading...) Read more
December 7, 2010 - My colleague Chet has already warned you about Apple's latest critical update to QuickTime 7, issued this morning. Please read his article to find out if, and how, (continue reading...) Read more
November 26, 2010 - I'm in Wellington, New Zealand, attending the fourth annual Kiwicon event. Like Ruxcon in Australia, Kiwicon is a grassroots hacker* conference. The accessibility (continue reading...) Read more
November 24, 2010 - A new zero-day exploit in Microsoft Windows was disclosed today. The exploit allows an application to elevate privilege to "system," and in Vista and Windows 7 also bypass User Account Control (UAC). The flaw was posted briefly on a programming (continue reading...) Read more
November 18, 2010 - 1. McAfee CEO: Get ready for tidal wave of mobile attacksRead More 2. Drive-By Downloads Still Running WildRead More 3. Malware pushers lure victims (continue reading...) Read more
November 16, 2010 - If you've been following Adobe news this week, you're probably as confused as I am. The big news, released yesterday, is that Adobe Acrobat X is out. (Is (continue reading...) Read more
November 11, 2010 - 1. Facebook, Twitter fail latest security assessmentRead More 2. Hackers break into OECD computer systemRead More 3. ZeuS attackers set up honeypot for researchersRead More 4. Two alleged Zeus mules arrested in WisconsinRead More 5. GoDaddy-hosted (continue reading...) Read more
November 5, 2010 - It took almost 40 years from the first computer bug in 1947, to the first PC virus in 1986, which marked the beginning of eCrime. But even then (continue reading...) Read more
November 4, 2010 - 1. Police To Get Facebook LessonsRead More 2. Facebook discovers and "punishes" UID-selling developersRead More 3. Guarding Your Business Against Social Networking HacksRead More 4. Spying app kicked out of Android MarketRead More 5. Russian-Armenian (continue reading...) Read more
October 25, 2010 - Bart Parys (@bartblaze) recently contacted me about research he was conducting into botnets, exploit kits and so on. His article "The Botnet Wars: a Q&A" is now up. While Bart himself is a Technical Support Engineer at Panda Security, (continue reading...) Read more