Ryan Naraine | December 02, 2006 10:12 AM
UPDATED: EveryDNS, a company that offers free domain name management services, has been hit by a massive DDoS (distributed denial-of-service attack) that affected thousands of sites, including OpenDNS (a sibling startup that runs the PhishTank anti-phishing initiative).
Ryan Naraine | November 30, 2006 3:11 PM
The security model of that BlackBerry on your hip isn't holding up very well to third-party scrutiny. According to a white paper by John O'Connor, a researcher on Symantec's security response team, hackers can pay $100 for an API developer key that can open doors to the theft of data
Ryan Naraine | November 29, 2006 9:11 PM
The latest installment of the eWEEK OnSecurity podcast is a sharp discussion between my colleague Matt Hines and Symantec's anti-spam guru Doug Bowers about the rising tide of unwanted e-mail and the range of Internet and computer security threats. Download audio.
Ryan Naraine | November 29, 2006 1:11 AM
UPDATED: Cesar Cerrudo has suddenly cancelled plans to release daily zero-day flaws in Oracle databases during the first week in December. Just days before the project was due to start, Cerrudo announced that "due to many problems," the WoODB (Week of Oracle Database Bugs) has been scrapped.
Ryan Naraine | November 29, 2006 12:11 AM
UPDATED: Researchers at the University of Toronto are working on a free tool to allow Web surfers to bypass government censorship of the Web. The tool, called psiphon, is part of a human rights software project developed by the Citizen Lab at the Munk Centre for International Studies and
Ryan Naraine | November 20, 2006 4:11 PM
On the heels of HD Moore's Month of Browser Bugs and LMH's Month of Kernel Bugs, a database security research expert plans to start a new project dedicated to releasing zero-day flaws in Oracle database server and application products...
Ryan Naraine | November 17, 2006 1:11 PM
A well-respected British security researcher has found a way to use a PCI device to plant an offensive rootkit on Windows machines. John Heasman, principal security consultant at NGSS (Next-Generation Security Software) released a research paper on the Daily Dave mailing list discussing a means of persisting a rootkit on
Ryan Naraine | November 15, 2006 10:11 PM
You might be surprised to learn that the mysterious hacker behind the MoKB (Month of Kernel Bugs) project actually believes in responsible disclosure. For the entire month of November, the man known simply as "LMH" is releasing a daily proof-of-concept exploit for unpatched kernel-level flaws in operating systems -- including