25 Most Dangerous Programming errors revealed

"The US National Security Agency has helped put together a list of the world’s most dangerous coding mistakes. The 25 entry list contains errors that can lead to security holes or vulnerable areas that can be targeted by cyber criminals.
Read more

Serious bug opens major browsers to phishing attack

"Here’s how an attack would work: The bad guys would hack a legitimate website and plant HTML code that looks like a pop-up security alert window. The pop-up would then ask the victim to enter password and login information, and possibly answer other security questions used by the banks to verify the identity of their customers.
Read more

Tor anonymous network now has zero known bugs

"The developers of Tor the internet anonymisation system, have announced that thanks to a Coverity analysis, they have removed a number of bugs and vulnerabilities. Coverity perform source code analysis of C, C++ and Java and in September 2008, found 171 problems in the Tor code base. By December 2008, the Tor developers had got the count down to 15 issues, and have now managed to reduce the bug count to 0.
Read more

Russian Hacker leaves message for Microsoft in Trojan code

"Here’s a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote. That’s what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers.
Read more

Spyware Guard 2008 Fraud Unabated

Benjamin Googins a senior engineer working on CA’s Anti-Spyware product has blogged about the installation and operation of Spyware Guard 2008. "On a daily basis I see or hear about people (a lot of people) who are duped into buying fake security software that was installed on their PC. The distributors of this ‘rogue’ software are operating seemingly unimpeded by law enforcement and reaping large dividends at the expense of innocent, unsuspecting Internet users for amounts of 40, 50, even $90 a pop. Using ever refined techniques, these fraudsters have duped many people.
Read more

UK ISPs to log all emails for 12 months

"New rules set to come into force in March will require all Internet Service Providers (ISPs) to keep information about every e-mail sent or received in the UK for a year. As the day grows closer so the opposition becomes more vocal.
Read more

Google developer site being used to distribute malware

"Google’s free code-hosting Web site for developers is being used to distribute malware, a security researcher said on Friday. Google Code is a place where programmers can host projects and code.
Read more

Spam: What to expect in 2009

"Spam, oh spam — can we ever get rid of you? 2008 saw a promising blow to the endless sea of junk mail, but the relief didn’t last for long. Now, spam experts say new forms of annoyances are on the way for the new year. "Some battles have been won in 2008, but the war is far from over," says Martin Thorborg, co-founder of SPAMfighter, a software development and spam research company.
Read more