Robert Lemos

The increasingly frequent attacks in cyberspace make the Web look a lot like the mob-infested cities of the 1920s. Through spam, phishing attacks, and merchant fraud, online criminals are making a lot of money on the Internet, and they don’t take kindly to anyone messing with their businesses.
PC Magazine

[Read more →]

Hardly a week goes by without companies and universities losing digital identities. What can be done?
PC Magazine

[Read more →]

Prosecutors and consumer advocates are on the attack against adware. Is a future without deceptive ad software attainable?
PC Magazine

[Read more →]

Today, cell-phone viruses are not a big deal. But if you think your phone will always be safe, think again.
PC Magazine

[Read more →]

Passwords are quickly becoming passé. For years, security experts have warned that our reliance on passwords leaves valuable data unprotected. … But switching to a more secure way of doing business will require time, and until then, users are left with password security.
PC Magazine

[Read more →]

If a respectable-looking person handing out sample CDs on the street offered you one, would you take it home and run it? If he handed it to you on your commute to the office, would you run it at work? If someone called and said she was with IT and needed your computer’s password, would [...]

[Read more →]

You’re at the airport and your flight is delayed, so you open your laptop and start working. Unbeknownst to you, your laptop’s wireless could be putting your computer in danger.
PC Magazine

[Read more →]

In 2006, Apple’s operating system will likely see major attacks.
PC Magazine

[Read more →]

Falling prey to online identity theft takes only a few minutes, but the cost can be high.
PC Magazine

[Read more →]

Community-led efforts sometimes deliver security fixes before developers. Should you trust these solutions, or will they make your systems less secure?

As 2005 wound down, security professionals were worried. A major Microsoft Windows vulnerability had come to light that compromised computers if users did as little as visit a malicious Web site or view images with malicious code embedded. Attacks exploiting the flaw—a vulnerability in the handling of the Windows Meta File (WMF) format—had begun appearing by New Year’s Day.

Compared with the speed of events, Microsoft responded slowly. It presented a workaround that worked only in some cases and advised worried users to update their antivirus programs. Microsoft’s patch wasn’t available until it was fully tested, on January 6.

The episode was the most significant “zero-day” attack to date. So called because security professionals have no window (zero days) to respond to a vulnerability before an attack arrives, zero-day attacks have become a significant threat in the last few years. Though it’s understandable that Microsoft would release only a well-tested patch, this was cold comfort to security-conscious users wondering if the next image they viewed would be the one to compromise their systems.

[Read more →]