A look at the recent Firefox 3 vulnerability   22 Jul 2008 16:22 GMT
True to form, Billy Rios promised a more in depth look at the MSFA2008-35 vulnerability which is another protocol handler flaw in Firefox 3.  As previously reported here, this was another protocol handler flaw that led to arbitrary remote command execution, and is especially dangerous since it can be deployed...
Source: ZDNet

E-gold owners plead guilty to money laundering   22 Jul 2008 15:50 GMT
Wow, big morning!  If anyone has seen Nitesh Dhanjani and Billy Rios's talk on phishing and identity theft, which was presented at the last couple Black Hat conferences, and will be on display again at Black Hat Vegas, you know that the identity theft market is a huge problem.  You...
Source: ZDNet

Vulnerability disclosure gone awry: Understanding the DNS debacle   22 Jul 2008 14:09 GMT
On July 7, the day before the release of the patch for the now infamous DNS design flaw, hacker Dan Kaminsky with the help of Black Hat conference organizers invited reporters to a press conference to "discuss the massive multivendor patch being released this Tuesday." "A synchronized...
Source: ZDNet

GOING MOBILE: Developing an Effective Corporate Mobile Policy   22 Jul 2008 13:00 GMT
(Source: RIM) Mobilizing your business is a journey, and it starts with planning and ensuring that you have the right infrastructure and management tools in place to support your needs for today, and tomorrow. Download this paper now.

Source: Computerworld

GOING MOBILE: Developing an Application Mobilization Plan for your Business   22 Jul 2008 13:00 GMT
(Source: RIM) Mobilizing your business is a journey, and it starts with planning and ensuring that you have the right infrastructure in place to support your needs for today, and tomorrow. Download this paper now.

Source: Computerworld

Stolen tape puts Bristol-Myers employee data at risk   22 Jul 2008 13:00 GMT
Bristol-Myers Squibb confirmed that a backup tape containing personal information on employees, former employees and their families was stolen last month from a third party transport vehicle.

Source: Computerworld

The ROI and TCO Benefits of Data Deduplication for Data Protection in the Enterprise   22 Jul 2008 13:00 GMT
(Source: datadomain) Deduplication storage is quickly becoming the standard for disk-based backup and nearline storage use in enterprise data centers across many industries. This paper examines and quantifies the costs and benefits of backup with deduplication storage as strategic assets for data protection.

Source: Computerworld

Backup and Recovery for Microsoft Exchange Server   22 Jul 2008 13:00 GMT
(Source: datadomain) Protecting Exchange information is critical and backup is still the primary method used. Combining traditional backup with other methods such as clustering, replication and continuous data protection provide for a robust Exchange protection strategy. This paper focuses on the traditional backup and recovery practices for Exchange along with solutions from Data Domain.

Source: Computerworld

Has Halvar figured out super-secret DNS vulnerability?   21 Jul 2008 21:12 GMT
It looks very much like the nitty gritty of Dan Kaminsky's super-secret -- and heavily hyped -- DNS cache poisoning vulnerability has been figured out by reverse engineering guru Halvar Flake. Clearly irked by a demand request from Kaminsky and others to avoid speculating on the details...
Source: ZDNet

2008 Pwnie Award nominees announced   21 Jul 2008 16:12 GMT
Well, after getting 134 nominations, and spending countless hours pulling out nominees, the judges for the 2008 Pwnie Awards have announced the final nominees to be voted on.  From the site: The final list of nominees for the nine Pwnie Award categories is ...
Source: ZDNet