Trusteer's recently launched "Attack Trace" search engine aims to help financial institution by letting them search through the configuration files of popular banker malware SilentBanker, WSNPOEM/Zeus/PRG/Zbot and Torpig in order for them to verify whether or not their sites are targeted. And while the search engine is a marketable way...

* Ryan Naraine is traveling. Guest editorial by Paul F. Roberts You may have heard the news that everybody's favorite social network, Facebook, won a big legal settlement on Monday against spammers who were using the 100 million strong network to distribute what the...

Malware researchers at BitDefender are reporting on a newly discovered malware (Trojan.PWS.ChromeInject.B) that when once dropped in Firefox's add-ons directory starts operating as such, and attempts to steal accounting data from a predefined list of over a hundred E-banking sites. Once the accounting data is obtained, it's forwarded to a...

It's long been established that the unpatched state of the Windows monoculture is the reason we are facing a malware epidemic. Yet, the latest vulnerability patching statistics from Secunia's PSI Personal Software Inspector is a major eye-opener for everyone tracking the security of the Windows ecosystem.  According...

Recent advances in the computing side of remote sensing mean that it's now possible to bounce a beam off someone's nose from 400 feet away and reliably determine whether his face has been unprotected near gunfire in the last month or so - and the implications these developments have for...

* Ryan Naraine is traveling. Guest editorial by Slavik Markovich Every quarter, around the time of the Oracle Critical Patch Update CPU or the Microsoft "Patch Tuesday," rituals take place – some behind closed doors, others in the media. Web sites report of the...

A few weeks ago I saw that students at my alma mater organized a small botnet to push Drexel to the front of the queue for Victoria's Secret's line of university branded underwear. It took a brief remark from a blog I frequent to make me realize that there...

Following ICANN's notice of termination sent to cybercrime-friendly domain registrar EstDomains in October, on the 24th of November the termination became a reality and EstDomains is no more. Despite the public concerns of who will take the 280,000 domains, and that includes the cybercrime facilitating ones, Directi's ResellerClub is new...

Microsoft's Live Search team has officially announced the integration of warnings for potentially malware infected sites within Live Search, following last week's introduction of a malware warning service aimed at webmasters. According to a post by Christian Seifert, Software Design Engineer at Live Search Anti-Spam & Anti-Malware...

On November 21 the blogosphere was abuzz when Apple updated a technical note on its Support Web site that says Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult....

Eagle-eyed Elinor Mills, reporter at sister site CNET, has the scoop that Apple has removed the 2007 item from its support site late last night that urged Mac customers to use multiple antivirus utilities. Now, the company says the Mac is safe "out of the box."(What say...

The knowledge base article on Apple's support site which encouraged the widespread use of antivirus software on Mac systems has been removed, but the idea that Mac users might still benefit from protection still lives on. by Adrian Kingsley-Hughes

As fellow ZDNet blogger, Adrian Kingsley-Hughes, notes, Apple now recommends the use of antivirus software on your Mac. UGH. Really? The relative immunity of Macs to the plethora of malware floating about the Net has always been a selling point for the machines, especially in schools. ...

* Ryan Naraine is traveling. Guest editorial by Ivan Arce On January 15, 2008, the Vatican released a statement indicating that Pope Benedict XVI had canceled his visit to Italian La Sapienza University as a result of a series of protests...

People seemed to get into a tizzy about Apple posting an announcement recommending Anti-Virus software for Macs. Even though it was retracted, I do think that Apple priming Mac users for the eventuality of widespread malware is a good idea. People who believe that the fundamental design of...

If you work with computers (especially around children, but I don't think that not working around children makes you immune to what happened) then what happened to the Connecticut substitute teacher Julie Amero should both shock and disturb you. Is your employer doing enough to prevent you from being the...

I suggested that prosecutors and the Meiers think about a deal with Drew in which she waives her right to appeal. Many people wrote in to say no, along these lines: Drew bullied and by the end of the day a 13 year old girl...

Here are today's notable headlines. You can get News To Know via email alert and RSS daily: Christopher Dawson: Just what does it take to switch to desktop Linux (part 2)? Ryan Naraine: Apple: Mac users should run multiple anti-virus Breaking...

* Ryan Naraine is traveling. Guest editorial by Mike Rothman Given that this blog is called "Zero Day," I think it's fitting that I'm calling for most security professionals to ignore most of what comes out of the security research community. To be...

When someone mentions the "gulf of execution" I tend to think Tonkin or bay of pigs, but in IT the term has another meaning entirely - more akin. I think, to "gulf of delusion" than anything to do with geography or mission. by Paul Murphy