Paul Roberts

NYT Goes Deep On Albert Gonzalez Story

You might think everything that needed to be said already has been said about Albert Gonzalez, the mastermind behind the largest public computer security breaches in U.S. history. But the lengthy and up close account of Gonzalez in the New York Times today shows that there are more layers to what is, perhaps, the most spectacular hacking case in recent memory.

FireSheep Fallout: Microsoft Adds HTTPS Option for Hotmail

Three weeks after researchers unveiled a plugin that allows Firefox Web browser users to snoop on the Webmail and social networking sessions of those around them, Microsoft has announced an option that will allow users of its Hotmail Web e-mail program to browse securely. 

Critical Office Hole Patched In November Release

Microsoft issued its monthly patch on Tuesday, releasing three security bulletins to fix security holes in a range of products, including a critical hole in versions of the Microsoft Office Suite. The three bulletins, MS10-087, 088 and -089 fixed a total of 11 vulnerabilities, five in Microsoft Office, two in Microsoft Office PowerPoint and four in Microsoft Unified Access Gateway. The release comes one month after a massive, October patch consisting of 16 bulletins addressing 49 vulnerabilities across a range of products.


UPDATE: A researcher at security firm Alert Logic has published code that could be used to compromise some versions of Google’s Android Operating System. The exploit, if properly adapted, could make Android phones vulnerable to remote attacks and compromises.

Days after publishing a report on serious security lapses in the PayPal mobile payments application for the iPhone, a Chicago firm has released an analysis that finds similar problems in a mobile banking applications by Bank of America and Wells Fargo.

eBay’s PayPal online payment division is rushing a software patch to users of its iPhone mobile payments application to plug a hole that leaves users vulnerable to man-in-the-middle and phishing attacks, but the firm that found that hole said transaction security is just one problem facing the mobile payments application.

The nation of Myanmar, formerly known as Burma, found its access to the Internet severed by a massive denial of service attack, according to a report by Arbor Networks. The source or motivation of the attack isn’t known, but it is believed that the distributed denial of service (DDoS) attacks have targeted the country’s Ministry of Post and Telecommunication (or PTT), the main conduit for Internet traffic in and out of the authoritarian nation.