February 8, 2010 - I was reminded today of a problem I noticed long ago: American Express's policies for (continue reading...) Read more
February 2, 2010 - A mysterious flood of SSL packets from the Pushdo botnet, possibly an attempted DDOS attack, is not succeeding, according to the Internet Storm Center. None of the attacked sites are experiencing (continue reading...) Read more
January 27, 2010 - Tomorrow, Thursday, January 28, 2010, is Data Privacy Day in North America and Europe. (Sorry I didn't get you a card. What's your address and social security number so I can (continue reading...) Read more
January 25, 2010 - A consortium of Australian ISPs is preparing a voluntary code for handling customers whose computers have been turned into bots in a botnet. The draft plan calls on the ISP, after identifying (continue reading...) Read more
January 21, 2010 - A cumulative update for Internet Explorer from Microsoft fixes the infamous vulnerability in the browser used recently to attack Google and other major companies. 7 other IE vulnerabilities were also fixed, (continue reading...) Read more
January 21, 2010 - Web site defacements have been in the news lately and site owners are blaming their vendors. The first one came on January 12 when Baidu, the top search engine in China (especially if (continue reading...) Read more
January 20, 2010 - Microsoft has announced that tomorrow, Thursday January 21, they will release an out-of-band update to Windows and Internet Explorer to fix the vulnerability that was exploited in the infamous Aurora attacks. (continue reading...) Read more
January 18, 2010 - In their weekly podcast, Ryan Naraine and Dennis Fisher of Kaspersky's Threatpost speculate that the political pressure surrounding the IE 0-day is such that Microsoft will issue an emergency patch. This makes (continue reading...) Read more
January 18, 2010 - Researcher Dino Dai Zovi says he has moved the Aurora exploit to the next level. On Twitter, he stated: "And now my Aurora exploit works on IE7 on Vista as well (continue reading...) Read more
January 16, 2010 - Famed researcher HD Moore created a usable proof-of-concept exploit last night for the 0-day vulnerability in Internet Explorer used in the attack incident that everyone is now calling Aurora. It's a (continue reading...) Read more
January 14, 2010 - New evidence points to a previously unknown vulnerability in Internet Explorer as the hole through which criminals recently attacked Google and other companies, rather than a known, but unpatched vulnerability in Adobe (continue reading...) Read more
January 14, 2010 - When a major disaster like the quake in Haiti hits, good people and groups around the world step up to offer help and donations. Right behind them evil scammers around the (continue reading...) Read more
January 12, 2010 - It's an eventful day. Just as they release an important new version of Acrobat, Adobe has also revealed that "...a sophisticated, coordinated attack..." was mounted "...against corporate network systems managed by (continue reading...) Read more
December 27, 2009 - Security services firm infySEC has a cool list of what they call the Top 10 of the most infamous unsolved computer crimes. These aren't all famous, or infamous crimes, but the unsolved (continue reading...) Read more
December 21, 2009 - One element of unfinished business in 2009 is the appointment of a "cybersecurity czar". Candidate Barack Obama made a big deal out of the need for such a person and specifically (continue reading...) Read more
December 21, 2009 - McAfee Labs blogger David Marcus got some strange IMs in Facebook from a friend over the weekend. His friend's IMs extolled the virtues of a particular colon-cleansing product, a "funny video" that led to a Facebook phishing site, and (continue reading...) Read more
December 21, 2009 - When Amit Agarwal realized that someone had successfully taken control of his Google accounts, including GMail, he got that sinking feeling that his private life and his business were compromised. But (continue reading...) Read more
December 18, 2009 - Twitter's DNS records were hijacked for a time last night and the site redirected users to a site (screen shot nearby, click (continue reading...) Read more
December 15, 2009 - It used to be that end-of-year security predictions were bold and almost science-fictiony. They have become more conservative this year and therefore more reasonable. I've been barraged with them and have attempted to collect the best here.It's clear to me (continue reading...) Read more
December 15, 2009 - Starting in 2011, Internet safety will be a mandatory part of the curriculum in English schools, according to a BBC article.A filtering system is also involved with the same government strategy called "Click Clever, Click Safe". Children will be (continue reading...) Read more