HomeBlogsSecurity Watch

Security Watch

Full-Disclosure Security List Is Reborn

Barely seven days ago, I was among the many people who were lamenting the loss of the Full-Disclosure security mailing list. Today, I mourn...

Full-Disclosure Mailing List Shuts Down

From the time I first started writing regularly about IT security in 2003 until today, the Full-Disclosure mailing list has been a must-read resource...

Mozilla Gives Up on Persona Single Sign-On, for Now

Mozilla quietly announced in a blog post March 7 that it is no longer putting full-time developers to work on the Persona Web-authentication system....

Microsoft to Fix an Internet Explorer Zero-Day Flaw

It looks like at long last Microsoft will plug a zero-day flaw in its Internet Explorer (IE) Web browser March 11. That is, of...

Target Is the Victim of a Crime; Don’t Forget That

Retail giant Target lost its CIO, Beth Jacob, on March 5. The story is that Jacob resigned after being at the company 12 years.Target,...

HP Researchers to Compete Against Google in Pwn4Fun

Hewlett-Packard and its Zero Day Initiative (ZDI) effort sponsor the Pwn2Own contest every year at the CanSecWest conference. At Pwn2Own, independent security researchers square...

RSA Conference Proves Why the Privacy Landscape Is Challenging

From Monday, Feb. 24 to Friday, Feb. 28, I was trapped in the bowels of the Moscone Center at the RSA Conference here and...

Is the RSA Conference Safe?

SAN FRANCISCO—The RSA security conference here is all about helping to educate and give people the tools to be safe in the modern digital...

Adobe Updates for Zero-Day Risk, Handles Emergency

Adobe issued an unscheduled zero-day update for a security issue on Feb. 20 for its Flash Player 12.0.0.44 and earlier versions for Windows and...

Microsoft IE Zero Day Exploited in the Wild

A week ago, the advance notification for Microsoft's February Patch Tuesday promised no Microsoft Internet Explorer patches. At the time, I wrote that it...