As the ongoing saga of Hewlett Packard's 'SpyGate' unfolded before Congress today, with most of the principal players taking the Fifth, at least one fact got clarified. It wasn't spyware ... Read More

Microsoft has released a patch for the VML handling vulnerability. First, install the patch described in the MS06-055 security advisory (or simply visit the Windows Update website). After installing the ... Read More

Stration is a mass-mailing email worm that attempts to download a file from a remote website. It may also inject itself into certain running processes, possibly allowing it to bypass ... Read More

Sorry. I couldn't resist composing a headline entirely out of acronyms. VML = Vector Markup Language FUD = Fear, Uncertainty, and Doubt FAQ = Frequently Asked Questions Since there's a lot of misinformation being ... Read More

For those who subscribe to Red Herring, this news might be a bit late. For those who don't, well, here goes. It seems Red Herring connected some dots and interviewed ... Read More

Alex Woodie, editor of IT Jungle, offers his insights into the sometimes controversial subject of open source antivirus. As Alex notes: "When it comes to security tools and antivirus software--the thin ... Read More

The Microsoft Security Response Center has announced the discovery of a zero-day vulnerability in the Windows implementation of Vector Markup Language (VML). The vulnerability impacts all supported versions of Internet ... Read More

Opanki is a family of IRC worms, commonly spread via AOL Instant Messenger (AIM), that give attackers remote access to infected systems. In turn, these compromised systems form what is ... Read More

Unsolicited email, aka spam, isn't just a nuisance. It can be downright dangerous. Phishing and Nigerian 419 scams, as well as Trojans and spyware, are often delivered by spam. Fortunately, ... Read More

Annoyed by pop-ups? Worried about "drive-by downloads" and spyware? Has your Internet Explorer start page been taken hostage by an unwelcome site? Relax. Internet Explorer has a built-in mechanism for ... Read More

A study by McAfee claims that "at least 12 million computers around the world (are) compromised by botnets." The study doesn't explain how they derived that figure, so I'll leave that ... Read More

I was surprised to read this Secunia advisory, announcing discovery of yet another buffer overflow vulnerability involving malformed TIFF files and affecting Sony's PlayStation Portable (PSP). According to Secunia, "The ... Read More

Vinoo Thomas of McAfee AVERT Labs presents an interesting overview of techniques used by malicious software to thwart security features in Windows or - worse - use them against us. ... Read More

If nothing else positive can be said about it, at least sometimes spam can be good for a laugh. Sophos proves the point with their latest find - a spam ... Read More

In its simplest form, behavior blocking monitors file activities, preventing certain modifications to the operating system or related files. For example, behavior blockers may monitor the system registry, and warn ... Read More

In Testing Hocus Pocus, I questioned the methodology of the Consumer Reports tests and the conclusions drawn from those results. Now it turns out the Consumer Reports tests are even ... Read More

A Q&A in the Seattle Times gives what I feel is erroneous advice to a reader asking about antivirus software. Specifically, the reader noted they were using "Norton", their subscription ... Read More

David Lazarus of the San Francisco Chronicle reveals that phishing was the motive behing the recent AT&T hacking in which thousands of DSL customers had their personal details stolen. The ... Read More

It happens without fail. I check my email and there it is. Yet another email with "Michael Eslick" in the subject line. I admit, it's driving me nuts. Who is ... Read More