A security researcher has uncovered a way to abuse the functionality of PDF file viewers to launch attacks without exploiting an actual software vulnerability. Adobe says a warning generated by such an attempt is enough to protect users.
– A security researcher said he has found a new way to exploit Adobe Reader
and other PDF-viewing software without using an actual security vulnerability.
The researcher, Didier Stevens, has developed a
proof-of-concept PDF file that launches an embedded executable. According
to Stevens, PDF vie…

H Security: Firefox developers block old CSS leak

Organizations with top executives who aren’t involved in cybersecurity decisions face a serious problem — a major hit to their bottom lines, according to a report released Wednesday.

Malware has caused the industry to rethink its security best practices, introducing tools such as transaction verification to guard against real-time, man-in-the-middle attacks. Out-of-band authentication mechanisms are growing rapidly in popularity. While it is certain that malware will continue to evolve, Knowledge Center contributor Steve Dispensa offers four simple steps you can take to significantly reduce your malware-induced security breach exposure.
– Malware represents one of the biggest, most rapidly changing challenges facing corporate security today. The threat landscape is always evolving and last year was no different. Google reported a doubling of malware sites, and there were troubling reports last summer of a new kind of active, man-in-t…

Social network monitoring and IP cameras are two ways organizations are keeping a lid on sensitive data and property.

Microsoft uncovered more than 1,800 bugs in Office 2010 by tapping into the unused computing horsepower of idling PCs, a company security engineer said today.

Lifehacker: How Id Hack Your Weak Passwords

Didier Stevens, who probably knows the PDF format better then most and has written some great PDF an …(more)…

The Transportation Department, looking into alleged acceleration problems with Toyota vehicles, is getting help from NASA engineers with expertise in electronics and software.

Google late yesterday reversed its earlier statement and now says that the Chinese government is likely responsible for the difficulties some users in the country had accessing its sites early this week.