A report delivered at the 2010 Black Hat security conference detailed how hackers can exploit a firmware flaw in some popular home/small-business routers.
As if there were not enough ways to attack PCs, users should add this DNS vulnerability to their security checklist.
Staying safe on the Internet requires the combined forces of a router-based firewall, security software, regular updates, and a secure browser.
In this column, I provide recommendations and tips on how to pick the right router and how to set it up for maximum protection from malicious Web sites.
The debate over who produces the best anti-malware product is quite possibly the most contentious in the PC industry, and your computing safety hangs in the balance.
In this report, I take a look at what test results are available to the public and what they say (and don’t say) about antivirus products.
Recent problems with Adobe Flash and Sun’s Java are leading some users to dispense with either while surfing the Internet.
This week I’ll discuss some of the latest Flash and Java problems and show you how to either disable these plug-ins or install anti-Flash/anti-Java apps.
As described at the Black Hat DC 2010 conference, the exploit is able to convert an encrypted https session into an unencrypted http session; and that’s just for openers.
Fresh from criminal probation for his Samy worm exploits, Samy Kamkar is back with new software that can maliciously target your home network’s router.
Kamkar’s first worm brought MySpace to its knees in 2005. Now, his new proof-of-concept software puts vulnerable home routers in its crosshairs.
A vulnerability making Windows 7 and Windows Server 2008 R2 susceptible to a Web-based attack went uncorrected in this week’s Patch Tuesday releases.
A fix for the same glitch in Vista and Windows Server 2008 appeared in October, but it’s not known when a Win7 patch can be expected.
A hole discovered recently in Secure Sockets Layer (SSL) HTTP sessions is difficult to exploit but may necessitate a revision of the SSL protocol itself.
The big-name browser vendors are quietly working to patch the vulnerability before the bad guys figure out how to use it to crack secure Web connections.
Sites running the FTP service on Microsoft’s Internet Information Services (IIS) Web software may be vulnerable to attacks.
The company says FTP service versions 5 and 6 are affected, but claims version 7.5 is unaffected on Vista and Windows Server 2008.
A presentation by two researchers at a recent security conference suggests that one particular rootkit-like program may be present in 60% of all laptops.
The absence of strong authentication in this well-intentioned, widely distributed program has the potential to compromise systems, according to the researchers, but I believe you actually face little risk.