Vulnerabilities and exploits

This month’s patch Tuesday is comprised of three bulletins covering four vulnerabilities. Two bulletins affect Windows while the other affects Office. The Windows vulnerabilities affect all currently supported client OS’s.

A new blog update from Google promises a response to deal with the outbreak of the so called “DroidDream” Android malware that went live on the Android Market last week

The “off-by-one” vulnerability is an old concept. Here is a description from Wikipedia:

An off-by-one error (OBOE) is a logical error involving the discrete equivalent of a boundary condition. It often occurs in computer programming when an iterative loop iterates one time too many or too few. Usually this problem arises when a programmer fails to take into account that a sequence starts at zero rather than one (as with array indices in many languages), or makes mistakes such as using “is less than or equal to” where “is less than” should have been used in a comparison.

The word ‘leak’ has become rather popular in recent times, but few of us actually realize just how likely it is that our own personal information could be leaked

Here’s the latest of our malware wallpaper calendars.

I don’t know about the rest of the world, but in Russia the most popular SMS message is “Where are you?” But very soon that particular question is going to be irrelevant.
A few days ago Gartner published its list of the top 10 mobile applications to watch out for in 2012. First place went to Location-Based Services (LBS).

The story of how HBGary Federal’s network was recently hacked, resulting in the leak of numerous emails belonging to the US cyber-security firm’s employees and bosses has been big news over the last few days.

This is Kaspersky Lab’s annual threat analysis report covering the major issues faced by corporate and individual users alike as a result of malware, potentially harmful programs, crimeware, spam, phishing and other different types of hacker activity.

This section of the report forms part of Kaspersky Security Bulletin 2010 and is based on data obtained and processed using the Kaspersky Security Network (KSN). KSN integrates cloud-based technologies into personal and corporate products and is one of Kaspersky Lab’s most important innovations.

An opened WiFi is more dangerous than you think. You should pay a special attention, especially if you travel a lot.

In January we published the first of our malware wallpaper calendars. Here’s the latest wallpaper.

ICQ client used to push malicious ads that lead fake anti-virus.

What happens when all of your personal data is readily available for use by a cybercriminal?

A new year has broken – a new peer-to-peer botnet is on the rise.

We’d like to wish all our readers a very happy New Year and offer you a small gift – a selection of wallpaper calendars with the dates of the most significant events in the history of the IT security industry.