January 3, 2010 - Since the death of Milw0rm, The Exploit Database has been one of the hotter spots for researcher and malcoders to find the latest exploit code. Their latest post takes a (continue reading...) Read more
December 28, 2009 - Bots and botnets have been around for a long time. There's some innovation in the programming form, but the large majority are Windows executables in PE (Portable Executable) format. Cisco's security blog has (continue reading...) Read more
December 27, 2009 - A vulnerability in certain older versions of Microsoft's IIS (Internet Information Server) web server could allow an attacker to upload malicious files, bypassing some security checks. The vulnerability was discovered by Soroush Dalili (continue reading...) Read more
December 27, 2009 - Below this text is a list of passwords not accepted by Twitter in their signup process. The list is copied from the HTML source at https://twitter.com/signup. You might call it the (continue reading...) Read more
December 27, 2009 - Security services firm infySEC has a cool list of what they call the Top 10 of the most infamous unsolved computer crimes. These aren't all famous, or infamous crimes, but the unsolved (continue reading...) Read more
December 22, 2009 - Last week AV-Comparatives.org released the results of their recent "Whole Product Dynamic Test" - a test challenging anti-malware products to protect test systems as if in the real world. (continue reading...) Read more
December 22, 2009 - Andreas Marx of AV-Test.org asked me to clarify a couple points in my blog post about AV-Test's recent real-world anti-malware test. The two tables in the article (continue reading...) Read more
December 22, 2009 - In October Microsoft released a Knowledge Base entry describing which files on a Windows system were not necessary to scan with anti-virus products. These files are not at risk of infection (continue reading...) Read more
December 21, 2009 - Joanna Rutkowska of Invisible Things Lab has disclosed a new vulnerability in certain Intel processors. The SINIT feature of SMM (System Management Mode) can interfere with TXT (Trusted eXecution Technology), allowing (continue reading...) Read more
December 21, 2009 - One element of unfinished business in 2009 is the appointment of a "cybersecurity czar". Candidate Barack Obama made a big deal out of the need for such a person and specifically (continue reading...) Read more
December 21, 2009 - McAfee Labs blogger David Marcus got some strange IMs in Facebook from a friend over the weekend. His friend's IMs extolled the virtues of a particular colon-cleansing product, a "funny video" that led to a Facebook phishing site, and (continue reading...) Read more
December 21, 2009 - In a way, it's not much of a gift, since OnlineFamily.Norton is free. But hey, it's the thought that counts, right? And you (continue reading...) Read more
December 18, 2009 - European antivirus testing lab AV-Comparatives.org today released the results of an extensive dynamic test covering 15 security suites. Coming hot on the heels of the real-world malware protection (continue reading...) Read more
December 18, 2009 - Thanks to Mikko Hypponen of F-Secure for pointing out on Twitter a YouTube video with an ad for and demo of the Zeus Trojan. Better watch it before YouTube takes (continue reading...) Read more
December 17, 2009 - When you have a lesser-known product, a comparison chart that shows (continue reading...) Read more
December 17, 2009 - Magdeburg-based research lab AV-Test.org today released the results of a lengthy real-world malware protection study. This test challenged a dozen major security suites to protect Internet-connected physical computers against up-to-the-minute threats. Each day for 60 days, researchers released 10 (continue reading...) Read more
December 17, 2009 - Parental control for older kids starts with full computer access and applies specific limitations: The kid can't visit adult (continue reading...) Read more
December 16, 2009 - Mozilla has released Firefox 3.5.6, 3.0.16, and SeaMonkey 2.0.1 to address 7 newly-disclosed vulnerabilities, 3 of (continue reading...) Read more
December 15, 2009 - Adobe has issued an advisory for the 0-day vulnerability disclosed the other day. The vulnerability is critical, potentially allowing remote code execution, and affects all versions of Acrobat and Reader on all (continue reading...) Read more
December 15, 2009 - Most of the time when I think of parental control software, I picture something that blocks inappropriate Web sites, limits time on the Internet (or on the computer), monitors what (continue reading...) Read more