Lisa Vaas

In a routine thats become as regular as the waxing moon, China has once again denounced charges that the Peoples Liberation Army has been engaged in hostile hacking of government sites—in this case, a Pentagon network—calling the charges “wild accusations” that smack of Cold War mentality. “The Chinese government has all along [been] opposed to […]

A network of infected zombie computers has been roped into acting as vectors in a new distributed attack thats targeting eBay accounts. The attack, which is trying to wrestle personal financial data out of eBay accounts by brute force, has been going on for at least a week, officials at Aladdin Knowledge Systems told eWEEK. […]

Attackers can nail Apples AirPort Extreme wireless routers thanks to—yet again—the way the IPv6 protocol handles Type 0 routing headers. Its long been known these routing headers can be used in IPv4 to crazily bounce network packets back and forth between hops on their route, potentially causing denial of service. The fact that they can […]

Microsoft lawyers have shut down a free, popular patch download utility thats been dispensing patches to its systems users for four years now. “I had a call from Microsoft Legal this morning and they have told me that we are no longer allowed to endorse AutoPatcher on Neowin,” said Steven Parker in a posting to […]

McAfee Lauds Microsofts Vista SP1 Security Overhaul “> Back in the fall of 2006, McAfee, Symantec and Check Point fumed as Microsoft Vistas Security Center hid their products where only sophisticated and dedicated customers could dig them out. Not only that, Microsoft in effect hid its x64 kernel as well, putting it beyond the reach […]

Sony appears to be reliving its rootkit nightmare of 2005, when it had to yank its XCP digital rights management technology after security experts said the technology used malicious rootkit techniques to evade detection on Windows systems. This time, three Sony USB fingerprint devices are planting hidden files for two separate rootkitlike programs, according to […]

McAfee Avert Labs has uncovered a new zero-day in Yahoo Messenger Webcam and are warning people not to accept invites from people they dont trust until a patch is out. Avert Labs is calling this a “classic heap overflow” that can be triggered when a victim accepts a webcam invitation. The issue was first discovered […]

First there was Atsiv, the kernel driver that served as a welcome mat for unsigned and potentially malicious drivers to load into Vista and other Microsoft operating systems. Then came the ATI driver that could allow arbitrary memory writes to the Vista kernel—a vulnerability that has been introduced to potentially millions of laptops, given that […]

The Ubuntu community had to yank five of the eight Ubuntu-hosted community servers sponsored by Canonical offline Aug. 6 after discovering that the servers had been hijacked and were attacking other machines. It was suggested during an IRC (Internet relay chat) meeting of the Ubuntu colocation team Aug. 14 that the source of the troubles […]

Microsoft is working with AMD to fix a bug in an ATI driver that ships preinstalled on millions of laptops and which leaves the Vista kernel open to arbitrary memory writes by malicious driver authors. Its not just ATI—virtualization security researcher Joanna Rutkowska said during her presentation at Black Hat earlier in August that ATI, […]