Something to watch out for if you are a user of any of Yahoo’s services.

Yahoo tracks all of its users everywhere on the web and the way to opt-out is detailed below. If you have a Yahoo e-mail account or belong to one of Yahoo’s many Yahoo groups, this probably applies to you. Yahoo has […]

Mozilla has announced 2 critical vunlerabilities present in the 1.0.3 release of its Firefox browser. The Mozilla Suite is also partially vulnerable.
By causing a frame to navigate back to a previous javascript: url an attacker can inject script into any site. This could be used to steal cookies or sensitive data from that site, or […]

Today, the security firm Secunia has released 8 more security bugs it has discovered in Mozilla products, including Firefox and Thunderbird.
If you have downloaded the Firefox 1.0.1 update, you have nothing to worry about. The Mozilla 1.7.6 and Thunderbird 1.0.1 released should be out this week as well. The exploits “could be used by criminals […]

If you are a Mac user and favor the Safari browser, there is a fix out there for you to cure you of that IDN spoofing silliness going around.

Jon Hicks has recently posted a link to this site offering a fix for Safari. Basically, you can use the Saft plugin to detect phishing attempts until […]

Doug Bowman has written up a great piece on how to securely access your e-mail when you are using open or public WiFi Hotspots.

The majority of these wireless networks are configured with the lowest possible security settings, so that customers can connect to the network as easy and trouble-free as possible. This allows just about […]

News.com is reporting that Netscape will soon release a browser with built-in anti-phishing measure. Details on how it accomplishes this are still vague, but it claims to be different from how Internet Explorer and Firefox detect phishing sites.
In related news, Thunderbird recently had an anti-phishing mechanism checked into one of it’s nightly builds.

I can just see it now:

Mechanic: “What seems to be the problem?”
Customer: “I’m not sure. My car just freaked out yesterday. The windshield wipers started wiping, the lights were flashing on and off, and when I turned on the radio, I got a BSOD.”
Mechanic: “Hmm, sounds like you caught a […]

Ouch… this Evil Twin wifi thing != good

Only YOU can prevent forest fires… or help find a decent user manager for ActiveDirectory.

We all know about the security threat of non-sanitized user input, but it’s pretty scary how much a hacker can learn about your database structure just through SQL injections. This article, one of the most interesting I’ve read in a long time, shows how easy it is to gain access to an intranet area.

A […]

I was excited to see the headline of this article thinking that it would go over the numerous amount of ways hackers like to get into websites and ways to prevent that. Unfortunately, this article is more of a preface that you see at the beginning of a book.
I know any article like this could […]

Symbiot Security recently released news of a controversial new defensive computer security service and placed a stake in the ground of enterprise security with a white paper titled “On The Rules of Engagement [PDF].” Essentially, the rules allow victims of network-based attacks to plan and execute countermeasures - effectively fighting back. Andy Oram from the […]

Whenever you access your bank account via the web, or login to eBay or any other web service that’s access controlled, you trust that service to protect your account details.
In most cases your username and password pair are submitted to the web service in an encrypted form via the SSL protocol. Whereupon they are further […]

Tom M. Thomas explains the basics of setting up security for a wireless network. He warns technicians of the various ways in which a wireless network can be breached, and provides help in protecting against those attacks.

It’s lengthy and can get annoying having to click “Next”, but in this situation lengthy is good as it […]

“Israel” uses his social engineering skills to improve his company’s security… walks out the door with $3500 in computers, gets enough information on an employee to make identity theft very easy (with the director of security sitting right beside him with an expression of disbelief glued to his face)