Web developers, fix thy Flash
Flaws that allow cross-site scripting attacks through Adobe Flash files could let attackers compromise online accounts and local networks. Yet, Web publishers have been slow to fix their sites, a security researcher says.
Hacking contest highlights value of vulnerabilities
After a handful of critics slammed the modest cash prizes, larger bounties will be offered to the security pros that successfully compromise any of three laptops at a coming conference.
House aims to scrutinize warrantless taps
The fight over a law to grant the U.S. government greater surveillance capabilities intensifies as House Democrats refuse to give telcos immunity for allowing past wiretaps without warrants.
Browser makers focus on beating malware
Microsoft announces two features in Internet Explorer 8 aimed at better securing Web surfers, and Mozilla incorporates more security into Firefox 3.
Law makers voice concerns over cybersecurity plan
Members of Congress seek more details of cyber attacks targeting the federal government and worry that the recently announced Cyber Initiative will undermine privacy.
Worries over "good worms" rise again
A Microsoft researcher studies the use of self-propagation for patching, but for most of the security industry, any worm is a bad worm.
Federal agencies miss deadline on secure configs
The U.S. government has made progress on moving to a standard configuration for Windows XP and Windows Vista systems, but work remains.
Universities fend off phishing attacks
Online fraudsters send e-mail messages that masquerade as help-desk requests for usernames and passwords.
Estonia fines man for DDoS attacks
The northern European country levies a $1,600 fine against an ethnic Russian man convicted of helping organize distributed denial-of-service attacks against government Web sites.
Antivirus firms, test labs to form standards group
The makers of antivirus software as well as independent and media-sponsored testing labs have agreed to create an industry group to standardize on methods of evaluating anti-malware programs.