News items, Blog posts relating to Security

Review: Aerovation Checkpoint Friendly Laptop bag simplifies security process

If you read my post on "checkpoint friendly" bags back in July you may be wondering what is going on with this program. Starting on 16 August, the TSA announced they were ready allow compliant "checkpoint friendly" bags through the X-ray machines while remaining in the bags. The TSA always...

How to: Securing iPhone

The iPhone has vulnerabilities.  In the past, some have been very serious.  Sometimes, Apple takes a very long time to get them fixed. The security hiccups have done nothing to slow down the sales and usage of the device so it just might be a good idea...

DDoS + Web 2.0 == Buckets o' traffic

Denial of Service attacks are based upon a simple idea: generate the maximum amount of traffic using the minimum amount of work. At one time this was as simple as sending a spoofed ICMP echo packet to a broadcast address or similar shenanigans. Modern DDoS attacks rely upon...

The Office (2.0): No paper? No problem.

I think I may have been the only person at this week's Office 2.0 conference using - gasp! - a pen and paper. There was no program "book" when I registered - the agenda was online only. And none of the exhibitors handed out press releases on paper - though...

Google Chrome vulnerabilities starting to pile up

[ UPDATE: See below for Google's official response to these issues ] Security vulnerabilities in the new Google Chrome browser are beginning to pile up. Following our coverage of the carpet bombing combo threat and denial-of-service crashes, several readers have sent pointers to...

An open source rootkit kit

I'm not ready to throw a security guru under the bus simply because he believes that an open source process can do what the older proprietary and highly secretive processes have not, namely deliver real security. by Dana Blankenhorn

Microsoft exec rebuts hypervisor security claims

Microsoft security strategist Steve Riley has answered claims that the company's hypervisor software could be maliciously replaced on PCs without administrators knowing. SYDNEY, AUSTRALIA--Senior Microsoft security strategist Steve Riley has used the vendor's TechEd conference in Sydney to rebut claims by a Polish researcher that Microsoft's hypervisor software could...

Welcome Adam O'Donnell, Sean Portnoy

We have a few new faces on the blog network--Adam O'Donnell has been added to Zero Day and Sean Portnoy, who is taking over the SoHo networking blog. Adam rounds out the coverage of Ryan Naraine and Dancho Danchev on Zero Day, our security hub. ...

21% of CIOs expect their security budgets to increase

21% of Forrester survey respondents expect to increase their IT security budgets in 2009, while nearly three-quarters of those surveyed expect no cutbacks in their security spending. Only 6% of respondents anticipate having to cut their security budget 2009 despite the current economic uncertainty. Security makes up 10% of overall...

Malware and spam attacks exploiting Picasa and ImageShack

In the wake of the recent malvertising attacks where malicious flash ads were appearing at trusted web sites, evidence from multiple vendors and researchers indicates that spammers and malware authors have once again switched tactics, and are one again abusing legitimate services such as Google's Picasa and ImageShack. Whereas the...

Super Tuesday: Nike Pro, iTunes unlimited, Sirius, NFL?

With Tuesday's iPod event beginning to take shape, a couple of Super Tuesday rumors slipped through the cracks in my fortune teller piece yesterday. 1. TUAW thinks that we may see an updated Nike+ rig (Nike Pro?) for the runners out there. Since the original Nike+ kit...

Who wins with Google Chrome

The winners and losers in Google Chrome are technologies. Not companies. Not sites. Technologies. And those which are open source are naturally advantaged. It's the open source process itself that is the biggest winner with Google Chrome. by Dana Blankenhorn

A new method to study origin of life

U.S. researchers at Penn State University have developed a new computational method to understand how life began on Earth about four billion years ago. According to the scientists, their method 'has the potential to trace the evolutionary histories of proteins all the way back to either cells or viruses, thus...

A virus in our genes, think about that....

Really fascinating news: Virus is passed from parent to child in the DNA. Researchers found that roseola, an infection that everyone apparently gets but only 20 percent of children develop the characteristic rash that gives it its name, is actually in our DNA. It co-evolved into us, which raises some...

Anyone bothering with client-side AV anymore?

I got a call from a vendor yesterday offering me a full suite of client and server antivirus tools, for the low, low price of only $1.79 per client. I just couldn't get excited over it, though. Their services seemed robust, included regular updates, tech support, and slick...

DoS vulnerability hits Google's Chrome, crashes with all tabs

Whoa! Google Chrome has crashed. Restart now? While Google's Chrome team is cheering, Rishi Narang from Evil Fingers is typing and releasing a proof of concept for a denial of service vulnerability that is successfully crashing the Chrome browser with all tabs. According to Narang's advisory : "An issue...

iPhone's remote deletions may help crooks cover tracks

Certain features of increasingly widespread enterprise smartphones may aid criminals in hiding incriminating evidence, says the UK's Serious Fraud Office. Criminals can remotely destroy incriminating evidence by exploiting security features on the Apple iPhone, a leading digital-forensics expert has warned. The head of the UK's Serious...

Security-wise, Google Chrome is (potentially very) Good

Security bloggers are already commenting on Google's slightly premature "Chrome" browser leak. Built on top of the Apple sponsored WebKit engine, the browser offers several security features that we have only seen so far in the beta releases of IE8. The most interesting feature discussed so far...

Google Chrome vulnerable to carpet-bombing flaw

Google's shiny new Web browser is vulnerable to a carpet-bombing vulnerability that could expose Windows users to malicious hacker attacks. Just hours after the release of Google Chrome, researcher Aviv Raff discovered that he could combine two vulnerabilities -- a flaw in Apple Safari WebKit and a...

Hacker wants promise he'll be returned to UK

British hacker Gary McKinnon is almost out of options to avoid extradition to the US, but not quite. The BBC reports that McKinnon is asking the British Home Office to ensure he won't be jailed in the US once he's convicted. His lawyer wants him returned to the UK after...

Category: Uncategorized

More Feeds