google

If an attacker can entice a user to visit an attacker controlled web page, the vulnerable ActiveX control could be invoked to download an attacker-modified package.

According to Apple's advisory accompanying the patch, the actual vulnerability was not in the Safari browser but in the way ATS (Apple Type Services) handles certain fonts.

The attacks occurred mostly on WordPress blogs hosted by Network Solutions but it appears that there are multiple security weaknesses in play.

The flaw occurs because the Java-Plugin Browser is running "javaws.exe" without validating command-line parameters.

Adobe is suggesting that users configure its PDF Reader product to limit the damage from an attack.

Apple's security has always been a tumultuous area of conversation among Mac and iPhone aficionados. On the one hand, you are always hearing things like "the Mac is easier to break into than Windows 7" or the "iPhone isn't safe enough for Enterprise!" But when has there ever been an outbreak among Apple machines?

read more

LAS VEGAS — A popular laptop theft-recovery service that ships on notebooks made by HP, Dell, Lenovo, Toshiba, Gateway, Asus and Panasonic is actually a dangerous BIOS rootkit that can be hijacked and controlled by malicious hackers.The service — called Computrace LoJack for Laptops — contains design vulnerabilities and a lack of strong authentication  that [...]

For years spammers relied on basic mass marketing concepts in an attempt to target everyone, everywhere, thereby sacrificing quality for quantity.Things changed, at least for some of them. Realizing the advantages of market segmentation, certain spammers started segmenting the databases of harvested or emails based on their country of origin, followed by an attempt to [...]

The way most people remove malicious software from an infected Windows machine can be improved upon.

read more

The current zero-day attacks against Adobe Flash Player are not quite zero-day after all.   According to new information, Adobe’s security response team knew about the vulnerability since December 31, 2008 (see image below) but it was misdiagnosed as a “data loss corruption” issue.When word of the attacks surfaced this week, Adobe quickly locked access to [...]

Guest editorial by Oliver DayChinese military leaders have always been aware of the military advantage the US has over the People’s Liberation Army.  Reading through their published assessments of Sino-US war possibilities confirm our belief that we would dominate them in the air, land and sea.  However the PLA was born of asymmetric warfare and [...]