HomeBlogsSecurity Watch

Security Watch

Oracle Zero-Day Project Cancelled

UPDATED: Cesar Cerrudo has suddenly cancelled plans to release daily zero-day flaws in Oracle databases during the first week in December. Just days before...

Psiphon Project to Fight Net Censorship

UPDATED: Researchers at the University of Toronto are working on a free tool to allow Web surfers to bypass government censorship of the Web....

Coming in December: Oracle Zero-Day Flaws

On the heels of HD Moore's Month of Browser Bugs and LMH's Month of Kernel Bugs, a database security research expert plans to start...

Rootkits on a PCI Card?

A well-respected British security researcher has found a way to use a PCI device to plant an offensive rootkit on Windows machines. John Heasman,...

The Exploits Are A-Comin’

As are coming fast and furious, including at least two for the nasty MS06-070 worm hole. If you are in charge of a Windows...

Interview: Inside the Mind of a Kernel Hacker

You might be surprised to learn that the mysterious hacker behind the MoKB (Month of Kernel Bugs) project actually believes in responsible disclosure. For...

Unpatch Day: Pay Attention to MS06-070

Microsoft's Patch Tuesday express has dropped off six security bulletins covering at least nine vulnerabilities (not counting those silently fixed thingies). The IE and...

eEye Spies High-Risk Adobe Flaw

eEye Digital Security has flagged a high-severity flaw in an unnamed Adobe product and warned that millions of Windows users are at risk of...

Faceoff: AMD vs. Joanna Rutkowska

In response to my Q&A with Joanna Rutkowska, the stealth malware researcher who used AMD's SVM/Pacifica virtualization technology to create malware (Blue Pill) that's...

Podcast: Matasano’s Dave Goldsmith

My latest OnSecurity podcast is a fun interview with Dave Goldsmith, the former @Stake co-founder who runs the Matasano Security pen testing team. We...