Archive for November, 2007

After patching QuickTime to version 7. 3 and thus disposing of a widely-exploited bug, Apple is facing yet another vulnerability. This particular one affects Windows XP and Vista users, although it's not certain yet, whether Mac OS X is susceptible. More...

The new Windows instant messenger program has been released to private beta-testers last week. The new version will have a new security feature - Anti-SPIM (spam over instant messages). There has been feedback that the new feature will be annoying at best, but possibly even dangerous. More...

A flaw that had been patched for Mac OS X 10. 4 has resurfaced again in Apple's new operating system Leopard. The vulnerability lies in Apple mail and could allow malicious software to be disguised as benign attachments. More...

Light up some candles, since you've just missed Storm's birthday. To those of you who don't know what Storm is, well, it is the virus with the biggest botnet (essentially, a group of zombie computers controlled remotely) since a lot earlier in the decade. It is assumed that Storm's botnet has at least 1,000,000 PCs. More...

Not unlike retailers, cyber-criminals are getting ready for Black Friday, which marks the beggining of the holiday season in the United States. Gullible consumers are at great risk of getting cheated. "The holiday season in general is a huge time for hackers . More...

On November 14 Apple released an update for its Mac OS X, patching 41 vulnerabilities at once. 15 of these vulnerabilities were critical since they were flagged as capable of "arbitrary code execution," or, in other words, these flaws could be exploited to compromise a Mac. The remainder fixes took care of bugs that could allow for system and application crashes, infecting the Mac's DNS cache, allowing malicious Web sites to perform drive-by downloads, or letting hackers steal information or observe the contents of a user's hard drive. More...

Dr. Benny Pinkas from the Department of Computer Science at the University of Haifa has expressed his concern on a possible vulnerability in relation to the Windows 2000 random number generator. He said that hackers may exploit CryptGenRandom to reach sensitive personal information including banking details, email passwords and others. More...

The 1. 1. 2 firmware was released last week, in an attempt to disallow third-party applications to run on the iPhone. More...

Encrypted email may protect users from the usual hacker, but probably not against a serious government investigation; A point that was proven by a recent event with the cooperation between Canada's government and hushmail. com. Last week, encrypted email provider hushmail. More...

Microsoft has released a patch Tuesday, for a flaw that involves third-party anti-piracy software bundled with Windows. The flaw was first found by Symantec's Elia Florio three weeks ago, when the vulnerability, which had not been documented, was being exploited on fully-patched Windows XP and Server 2003. The flaw exists in "secdrv. More...