Dennis Fisher

As the world prepares for the complete destruction of the Internet tomorrow when the Conficker worm makes a small change in its communication protocol, a voice of reason has emerged from the wilderness. The Honeynet Project on Monday released a paper with a detailed analysis of the worm as well as some weaknesses in its design that allow for identification of infected machines.

In the debut episode of the Digital Underground Podcast, Dennis Fisher talks to Paul Judge, founder and CTO of Purewire, about the security of cloud computing services, reputation systems and the growing threat of social networks.

As a result of some tremendous work done by researchers at the University of Toronto, we now know that there is an enormous network of compromised machines in more than 100 countries around the world, many of them in government agencies, embassies and other sensitive locations.

VoIP phones have taken off in both the enterprise and the consumer markets, thanks to their ease of deployment and low operating costs. But, as this video from Enablesecurity shows, there are a number of security risks that have yet to be addressed.

When Mark Dowd and Alex Sotirov demonstrated a technique for bypassing Vista’s memory protections at Black Hat last year, the security community was stunned. Microsoft officials said at the time they were working on ways to defeat the pair’s attack and now that protection has arrived, in the form of Internet Explorer 8.

By Paul F. Roberts, The 451 Group
The security of smartphones such as the iPhone, Windows Mobile devices and the T-Mobile G1 has come under a lot of scrutiny lately. Each device has its own unique security model, and in the case of the iPhone, Apple has kept its platform closed to third-party security vendors. But that’s not stopping some of them from making an end run around Apple and creating their own security applications for the hugley popular device.

Microsoft has hired yet another well-known security researcher to join its ever-growing team of exploit and defense experts. This time it’s Ken Johnson, known in the hacker world as Skywing. Johnson is known as an expert on debugging and reverse engineering, and has done a tremendous amount of work tearing apart Windows defenses specifically.