The Microsoft Security Response Center (MSRC) Engineering team is reporting a vulnerability involving VBScript and Windows Help files. In Microsoft Security Advisory 981169, the MSRC says that hitting the F1 Help key can activate a vulnerability in VBScript enabling Remote Code Execution. The new Microsoft threat involves any version of Internet Explorer on Windows 2000 [...]
Trend Micro, in a December 2009 report, The Future of Threats and Threat Technologies: How the Landscape Is Changing (PDF) predicts that changes to the Internet infrastructure will widen the playing field for cybercriminals. One of the changes Trend Micro predicts it the IPv6 Malware Experimentation Stage. The anti-virus firm points out that many weaknesses [...]
Director of national intelligence Dennis C. Blair, told lawmakers on Tuesday (02-03-10) the prospect of a major terrorist attack on America, was the “primary near-term security concern of the United States.” The New York Times reports that Mr. Blair began his annual threat testimony before Congress by saying that the threat [...]
The massive Rockyou.com breach reveals the weakness of most passwords. The Rockyou.com breach provided an opportunity to evaluate the true strength of passwords as a security mechanism. The California based security firm Imperva analyzed the stolen cache of 32 million passwords and the results are not pretty. According to researchers, the majority of [...]
PC World chronicles how analysts at the a California based security company FireEye executed a plan to shut down the Mega-D botnet in early November 2009. At one point the Mega-D botnet reportedly accounted for 32 percent of all spam. In order to shutdown this threat, Afit Mushtaq and two FireEye colleagues went after [...]