Entry Archive
Tuesday, April 22, 2008 3:43 PM/EST
There's a serious brain drain affecting the OLPC (One Laptop Per Child) initiative and it's not a good sign for security. The latest high-profile defector from the nonprofit organization is Walter Bender, a former MIT Media Lab executive who...
Tuesday, April 22, 2008 2:55 PM/EST
Security researcher Petko D. Petkov (aka pdp) has discovered a gaping hole in fully patched versions of Apple's QuickTime for Windows Media Player. The zero-day vulnerability allows an attacker to use rigged movie (.mov) files to take full control of...
Tuesday, April 22, 2008 10:12 AM/EST
Adobe has issued a prepatch advisory for a critical vulnerability in Photoshop Album Starter Edition 3.2, its free image-manipulation software product. The flaw, which affects Windows users, could be exploited to launch code execution attacks if the target is...
Monday, April 21, 2008 4:44 PM/EST
Microsoft's Windows XP SP3 (Service Pack 3) is finally here, offering several subtle security goodies alongside thousands of bug fixes. The biggest security feature in this service pack is the inclusion of NAP (Network Access Protection) to help organizations...
Monday, April 21, 2008 4:05 PM/EST
Hackers are having fun exposing security holes in Barack Obama's official campaign site. According to a post over at XSSed.com, a site that catalogs cross-site scripting vulnerabilities, one of the multiple holes in Obama's site was exploited to redirect...
Monday, April 21, 2008 2:10 PM/EST
Microsoft has chosen a new song to continue its public slow dance with the white hat hacking community: online properties like *.microsoft.com, *.msn.com and *.live.com. According to Dan Goodin reporting from Toorcon Seattle, Microsoft security strategist Katie Moussouris pledged...
Monday, April 21, 2008 11:58 AM/EST
The notorious Rock Phish gang is pushing the envelope again, adding a sophisticated crimeware Trojan to its identity theft arsenal. The Russian group, which is responsible for about half of all phishing attacks, is now doing browser-based drive-by attacks...
Monday, April 21, 2008 10:19 AM/EST
A planned cyber-attack against CNN.com fizzled over the weekend, but The Sports Network did not survive the DDoS (distributed denial-of-service) assault by Chinese hackers. At 10:00 a.m. on Monday morning, The Sports Network home page carried this note: "The Sports...
Saturday, April 19, 2008 6:40 PM/EST
OpenOffice has issued a high-priority update to fix at least six vulnerabilities affecting users of its free desktop productivity suite. The open-source group said the critical vulnerabilities affect OpenOffice.org suite versions prior to 2.4. An alert from Symantec's DeepSight...
Saturday, April 19, 2008 3:33 PM/EST
Over on Twitter, during a discussion on PayPal's plan to ban "unsafe browsers," I suggested there was no way the company would risk blocking Safari connections. Can't afford to alienate iPhone and the mobile transaction market. Woke up this...
|
|
