Dennis Fisher

The attack that compromised Google’s corporate network and the systems of more than 30 other companies in recent weeks appears to be the work of smart, careful and very well-informed attackers who knew exactly whom to target and what to take once they were inside, security experts  say.

Math is hard and cryptography is even harder. So in light of the news that another of the ciphers used to secure traffic on 3G GSM networks has been cracked, we turned to mathematician and cryptographer Bruce Schneier to explain the attack and its ramifications.

A group of cryptographers has developed a new attack that has broken Kasumi, the encryption algorithm used to secure traffic on 3G GSM wireless networks. The technique enables them to recover a full key by using a tactic known as a related-key attack, but experts say it is not the end of the world for Kasumi.

In the world of botnets and denial-of-service attacks, 2009 was a very interesting year. While a handful of large, noisy botnets got most of the attention, there were thousands of serious, prolonged DDoS attacks that not only chewed up huge amounts of bandwidth but likely caused major problems for the targeted organizations.

Adobe recently released a blacklisting framework that enables users to stop JavaScript from calling some APIs. This video gives users a walk-through of how to define which APIs they want to prevent JavaScript from being able to call.

Microsoft and its endless portfolio of products have been the favorite targets of attackers for more than a decade now. But if the events of the past year or so are any indication, it looks like that dubious distiniction now belongs to Adobe.

The security researcher who created the MySpace XSS worm in 2005 has developed a technique that enables an attacker to accurately locate a Web user with GPS coordinates, without using IP-based geolocation.