By the middle of next year, the lock that Latin alphabets have had on Internet domain names will be broken, when a plan announced last week by the International Corporation for Assigned Names and Numbers, better known as ICANN, is

Cloud computing is a popular topic these days. One of the ways in which cloud computing is being delivered to businesses is by hosted email security services.A hosted email security provider offers antivirus and antispam protection for their customers using

Facebook announced on Thursday that it has won its lawsuit against notorious spammer Sanford Wallace. A judge in San Jose, CA awarded the site a $711 million judgement, the second largest in history to be awarded under the CAN-SPAM Act."While

The Palm Pre WebOS .

An improper setting of the exception code on page faults may allow for local privilege escalation on the guest operating system. This vulnerability does not affect the host system. A directory traversal vulnerability allows for remote retrieval of any file

Improper parsing of the PDF structure leads to evasion of detection of malicious PDF documents at scantime and runtime. This has been tested with several malicious PDF files and represents a generic evasion of all PDF signatures and heuristics .

Unauthorized calls are allowed on prohibited networks .

Rising installs the own program files with insecure permissions (Users: Full Control). Local attacker (unprivileged user) can replace some files (for example, executable files of Rising services) by malicious file and execute arbitrary code with SYSTEM privileges. This is local

This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to exploit this vulnerability .

A potential security vulnerability has been identified in HP-UX using libc. This vulnerability could be exploited remotely to create a Denial of Service (DoS) .

Four critical vulnerabilities affecting Adobe Shockwave Player have been discovered: String Length Code Execution; Pointer Overwrite Code Execution; Invalid Pointer Code Execution and Invalid Index Code Execution .

There is a CAD Service buffer overflow vulnerability in IBM Tivoli Storage Manager Client, which can be exploited by malicious people to compromise a vulnerable system .

An authenticated Hyperic user can create an alert with JavaScript code in the Description field. When a user visits the Alerts list, the Description field of every alert is displayed without properly escaping especial HTML characters, thus leading to a

It was found that the download facility of Microsoft SharePoint Team Services can be abused to reveal the source code of ASP.NET files .

There is a rather lengthy set of posts on using cloud based computing services as ideal venues for crypto and password cracking. Link: Link:

How ISA Server 2006 uses digital certificates in web chaining and reverse publishing scenarios.

October 30, 2009Doctor Web, Ltd. announces the release of drw50048.vdb (drw4449p.vdb) - the corrected weekly add-on to the Dr.Web virus database.It was realised for the purpose of false alarm amendment of Trojan.Packed.682.Corrected weekly add-on is available on all updating servers

The House Judiciary Committee has recessed its meeting to "mark-up" Chairman Conyers' PATRIOT renewal and reform bill, the USA Patriot Amendments Act of 2009 (), so that the committee members can attend a vote on the House floor. We don't

San Francisco - Please join the Electronic Frontier Foundation (EFF) for a panel discussion on "The Future of DVD" at the Varnish Gallery in San Francisco on Monday, November 9, at 5:30 p.m.Panelists include Kaleidescape CEO Michael Malcolm, Real Networks

Negotiations on the highly controversial Anti-Counterfeiting Trade Agreement start in a few hours in Seoul, South Korea. This week's closed negotiations will focus on Negotiators will be discussing the Internet provisions drafted by the US government. No text has been