what we’re reading, week of 1/12
von VPNHaus | 15.01.2009 |Highlights
From Zero Day…
RIM warns of BlackBerry PDF processing vulnerabilities
Ryan Naraine reports that hackers can use “booby-trapped PDF attachments” sent to BlackBerry devices to launch malicious code execution attacks. Raw details are included in the article. It is urged for BlackBerry users to update their devices accordingly.
From around the Blogosphere…
The SANS Institute released a list of the 25 Most Dangerous Programming Errors. The list has stirred up a lot of buzz around the topic. Here are three different perspectives that we thought were significant.
Byron Acohido from Zero Day Threat says, “For now, let’s savor the moment. Hopefully, the collaborative consensus among a diverse collection of 37 organizations — including Microsoft, Oracle, EMC, Apple, the NSA, DHS and an amalgam of tech security firms — that produced the Top 25 flaws will emerge as a model. It is an example of the type of for-the-greater-good, public-private collaboration needed to stem cybercrime.”
Adam O'Donnell from ZD Net does not think the list will make the flaws go away, but believes it’s a powerful tool. It provides organizations that are looking to purchase software a metric it can use “to beat up on potential investors”.
Lori MacVittie from DevCentral also believes the list is a powerful tool, but urges people to continue their current security habits and stay current on new security trends.