Firefox code under the microscope

Friday, September 8th, 2006

So, the stories are out on the analysis of the code for Mozilla Firefox. It seems there were a large number of potential flaws found (71 potential security vulnerabilities), according to the article. This was done using an automated tool, and many say that, in order to evaluate the true severity of the flaws, you […]

System patching 0-days and ancient-day vulnerabilities

Tuesday, September 5th, 2006

There’s a good article at Michael Sutton’s Blog which points out something that really makes sense and that I think many people are aware of, but with all the buzz that a new, previously undisclosed vulnerability gets, we forget. The point is this: there are plenty of machines online vulnerable to ancient flaws that have been […]

Nugache the latest in bot-net technology… and why you should care about botnets…

Wednesday, May 17th, 2006

To show you where the threat with bot networks is going, there’s a story today on Nugache (Symantec summary), which is a bot that takes advantage of a number of clever tricks to avoid having the whole botnet shut down, allow command and control on an encrypted channel, and essentially have no “human readable […]

Federal requirement to disclose database security breaches?

Thursday, May 11th, 2006

Fines and prison time are among the penalties envisioned under a proposed House bill. The requirement would be that businesses with databases holding information on more than 10,000 people (or federal employees) would have to inform either the Secret Service or the FBI of a data security breach. (The maximum sentence would be five years.) […]

Microsoft’s speed to get security patches out

Wednesday, January 11th, 2006

Brian Krebs at the Security Fix has done an interesting study related to how long it takes Microsoft to release a security fix for a problem, starting from the time they are notified of the security vulnerability. For the most part, 134.5 days has been the window between notification and vulnerability patching for the last […]

Viral turf war

Wednesday, August 17th, 2005

I remember very well the competing worms that came out in early 2004, Netsky and Bagle (Beagle), and to a degree Mydoom as well. One would try to uninstall the other as they fought for control of a PC. They were done by competing gangs and were literally waging a turf war with home (and […]

The connection between Spam and Viruses

Thursday, November 13th, 2003

After comparing MANY of these delivery failures (a fraction of what has gone out with my domain name forged, I’m afraid…), they are all advertising essentially the same site (sometimes different gateways to it, but I’ve traced it all back to a close group of domains that have been unresponsive to abuse reports online… […]
