An attacker could launch this type of attack to run unauthorized software on a device connected to the network. In theory, criminals could use this kind of attack to steal sensitive information from mobile phones or redirect Internet traffic on routers, say from a user's online bank account to a ...

The new and upgraded services, set to come out this quarter, are designed to help large organisations protect themselves from threats as well as manage and archive email and instant messaging. Enhancements to Postini's archiving services include a new investigation management feature designed to ease the legal discovery process ...

Mozilla's Firefox 2.0 is vulnerable to attackers armed with the Windows animated (ANI) cursor exploit, that yesterday (3 March) promoted Microsoft to rush out an emergency patch. Alexander Sotirov, the vulnerability researcher at Determina who discovered the ANI flaw last December and notified Microsoft of it later that month, yesterday ...

EEye spokesman Sean Martin confirmed Brown's departure Tuesday, saying that the company would issue a statement on the management change on Wednesday. EEye's board of directors asked Brown to leave, replacing him with Kamal Arafeh, the company's senior vice president of sales and marketing, said a source familiar with the ...

While the month of MySpace bugs project kicked off on schedule to start the month, another hacker campaign turned out to be an elaborate April Fools' Day joke. The Week of Vista Bugs project was designed to play a trick on the media, but also to get people to be more ...

Protection for data on the move Fujitsu Europe is offering the optional fitting of its latest hard drive series MHW2xxxBH with a freefall sensor (FFS). Fujitsu said it has started offering new optional protection mechanism to all SATA-hard disc drives of the MHWxxxxBH-series with a capacity of 40 to 160 GB and ...

Tricky little blighter but no harm done. A worm targeting Skype is harvesting email addresses and directing users to a range of sites hosting other malicious software, according to security vendors. Read more at ivanr

Cross-platform worm shows open source hasn’t learnt from proprietary world. The first cross-platform worm specifically tailored for the open-source OpenOffice.org and StarOffice productivity suites has raised a few hackles in open source circles, since it appears to tarnish the suite’s reputation for security. Read more at rcbarnett

Amid warnings about the risk of identity theft, Canadian insurance companies have begun offering policies that help defray the cost of setting things right, if you fall victim. Identity theft occurs when a crook uses another person’s name and other personal information such as social insurance number, credit-card number or bank ...

Today I added a little simple SQL Injection Detection Heuristic to the development version of the Suhosin extension that can optionally log and block SQL queries. At the moment it is possible to log and/or block mysql(i) SQL queries that contain comments, comments that are not closed, queries with UNIONs ...

Windows Vista the latest edition of the Windows product from Microsoft, supposidly the most secure OS yet (so secure Microsoft have quoted as Vista not needing an antivirus software) although many security flaws have been found both by software security firms such as Determina plus many hackers finding exploits in ...

The WiFi security protocol WEP should not be relied on to protect sensitive material, according to three German security researchers who have discovered a faster way to crack it. They plan to demonstrate their findings at a security conference in Hamburg this weekend. Mathematicians showed as long ago as 2001 that the RC4 key ...