Articles by Chester Wisniewski
Vermont and North Dakota have recently bolstered their data breach notification laws to cover more organizations and additional types of personal information. Meanwhile Michigan lost 49,000 people's names, birth dates and cancer screening records and claims they aren't protected information.
Blackberry released the first two security advisories for its new Z10 smartphone yesterday. One of the patches was for Adobe Flash vulnerabilities from January. Flash? On a smartphone? In 2013?
Right on time, Microsoft and Adobe released fixes today for Windows, Internet Explorer, Microsoft Office 2003 and 2011 and Adobe Flash Player. Time to dance that familiar dance and get those updates installed.
This week US authorities shut down Liberty Reserve, an online currency favored by cybercriminals. Will enforcement actions have any real impact on the underground economy?
In this podcast Chester interviews Parmy Olson author of "We are Anonymous" about her thoughts on LulzSec, their sentencing and the Anonymous movement. Parmy also shares some of her thoughts on Firefox OS and other developments from Mobile World Congress 2013.
Apple released the latest update to iTunes today, version 11.0.3, fixing 41 vulnerabilities in the Windows version and 1 in the OS X version. Many of these flaws are rated critical and we advise you update as soon as possible.
Microsoft has just released its monthly updates for May 2013. The zero-day IE flaw used on the Dept of Labor website was fixed, as well as an IE 10 hole used at PWN2OWN.
Critical fixes for Adobe Reader, Flash Player and ColdFusion also hit the streets today.
Facebook has introduced a new way to utilize its services on Android mobile phones. Facebook Home streamlines keeping in touch with friends, their photos, Likes and shares. The issue is how it impacts your privacy, even if you choose not to use it yourself.
As expected Microsoft released seven important and two critical fixes for Windows, Internet Explorer and other Microsoft products. Adobe followed suite releasing fixes for ColdFusion, Flash and Shockwave. Patch now!
Ukrainian newspaper Kommersant reported on a joint operation by the Ukrainian and Russian federal police arresting 20 people allegedly behind the Carberp banking malware. Is this a sign that we may see more arrests by the FSB and SBU in the future?
There is a lot of talk in the security industry about how much everything sucks. While no individual solution is a silver bullet for solving your security woes, but we shouldn't forget that an effective defense requires depth.
The largest recorded DDoS attack has been ongoing for over eight days now, causing slowdowns and errors throughout the internet. Is this a one time scenario or does this expose a greater weakness in the world's largest network?
Chet inteviews the writer and director of hacker film "Code 2600" and Austin BSides organizers/consultants Michael Gough and Ian Robertson. We also introduce the new Kickstarter Hackers in Uganda.
When we think of secure programs we think about things like buffer overflows, null pointer dereferences and other technical jargon. Adam Shostack of Microsoft explained the importance of designing usable interfaces to help users make smart security decisions at last week's BSides conference in Vancouver Canada.
Apple released a statement today acknowledging that they were victims of the same attackers that Facebook talked about last week. A zero-day Java vulnerability infected Apple Mac developers through a drive-by attack.
Microsoft has released 12 patches covering 56 vulnerabilities as part of the February monthly "Patch Tuesday" update. Five of these patches are rated critical and code allow criminals to drive-by install malware onto Windows systems.
Researcher HD Moore published a paper last week showing that more than 23 million routers, TVs, cameras and printers are vulnerable to a remote code execution flaw in UPnP.
Twitter users mentioning the Super Bowl are being bombarded with scam tweets, don't click links promising free Super Bowl info.