Cryptographers have exploited a known weakness in the MD5 algorithm, allowing them to create forged digital certificates. Doing so potentially trashes any security provided by the HTTPS protocol.
The developers of the DNS Changer trojan have been busy, three generations just in the past year. The newly released version is the one we need to worry about. Learn how to find and combat it.
A new IE7 exploit is now making the rounds. It has already been incorporated in toolkits that install information-stealing trojans. Read on to learn more.
Home DSL routers aren’t secure from specialized CSRF attacks. Once the DSL router is owned, attackers can have their way with the internal network. Read on to learn about CSRF and what you can do to prevent CSRF attacks.
Microsoft created MS08-067 to fix a serious vulnerability. MS even felt the problem was critical enough to justify an out-of-band release of the update. They were right, find out why.
Brad Bird takes a look at virtual servers and their level of security compared to physical servers. What makes a virtual server a richer target for attack? Are you prepared for the security considerations?
After McColo was shut down, the Srizbi botnet, a major source of spam and over 300,000 strong, was effectively quieted. Not for long, Spam levels eventually started ramping back up. How’s that possible with no command and control servers? Read on to find out.
Some say yes and others say no. The people developing rootkits are smart and financially motivated to design rootkits that evade detection. So what’s the answer?
Consultant Brad Bird takes a look at NTFS file permissions and their default application. Make sure you understand what each of them includes and how they are inherited through the hierarchy to close up security gaps.
Getting rooted by a drive-by dropper is fast becoming the predominate method of involuntarily joining a botnet. Simplest way to avoid this is to keep your computers up to date. Easier said than done, well it doesn’t have to be.