December 7, 2009 - AOL was praised by security experts in 2004 when they began offering support for RSA SecurID 2-factor authentication tokens for logging on to their services. Such tokens make phishing much, much harder. Now AOL is ending support for them.2-factor (continue reading...) Read more
December 5, 2009 - One of the world's great botnets, Gumblar, is experiencing a steady resurgence lately, according to Kaspersky Labs.The tens of thousands of machines involved worldwide aren't really what's impressive about Gumblar. It's (continue reading...) Read more
December 5, 2009 - Actually, the headline is a teeny bit misleading, even if it's true, strictly speaking. Randy Abrams of ESET, a security software company, received an e-mail from PayPal that included a link in (continue reading...) Read more
December 5, 2009 - A clever, but difficult attack scenario can compromise the PIN used to protect BitLocker-encrypted drives. The attacker first has to gain access to the computer and boot it off of a specially-configured (continue reading...) Read more
December 5, 2009 - Adobe has acknowledged once again a vulnerability disclosed in Illustrator. Their initial acknowledgement of it was a quickie and they hadn't had much time to study the attack. Now they state (continue reading...) Read more
December 5, 2009 - Intuit has warned that a phishing e-mail targeting QuickBooks users is circulating. The real Intuit alert describes and quotes a fake Intuit alert sent out by e-mail. The fake alert says that (continue reading...) Read more
December 3, 2009 - For reasons not entirely clear, Apple issues Java for their own operating systems rather than Sun. As a result, when Sun comes out with updates to Java it takes Apple some time (continue reading...) Read more
December 3, 2009 - As part of their semi-regular Patch Tuesdays, Adobe will release updates next Tuesday for Flash and Air. Versions 10.0.32.18 and earlier of Flash are affected, as are versions 1.5.2 and earlier (continue reading...) Read more
December 3, 2009 - Next Tuesday, December 8, Microsoft will release 6 security bulletins and software updates to address the vulnerabilities described in them. 3 of the bulletins have a maximum rating of critical and (continue reading...) Read more
December 1, 2009 - In the Microsoft Security Response Center Blog the company states that neither their updates nor the Malicious Software Removal Tool are responsible for the recent reports of "Black Screen of Death" (continue reading...) Read more
December 1, 2009 - It only recently made it to TechCrunch, but I noticed months ago that Panera restaurants were blocking links (continue reading...) Read more
December 1, 2009 - The "Black Screen of Death" problem we described recently has been eliciting panicked coverage on parts of the Internet and some confusion over how widespread it is. Our impression is that (continue reading...) Read more
November 30, 2009 - McAfee Labs is reporting a new and versatile variant of the Koobface worm. Like some other recent malware, this attack uses Google Reader to host the malware. The user sees a (continue reading...) Read more
November 30, 2009 - Netcraft reports that 24 of the top 100 HTTPS sites have disabled renegotiation, blocking a recently-revealed flaw in the SSL3/TLS protocols. There is some controversy over how much of a real-world (continue reading...) Read more
November 30, 2009 - Today is Cyber Monday, a marketing creation of the National Retail Federation as the Monday after Black Friday. The Internet is full of deals! deals! deals! Sadly, it's full of scams (continue reading...) Read more