What's the current state of the crimeware threat? Just how vibrant is the underground marketplace when it comes to crimeware? What are ISPs doing, and should ISPs be doing to solve the problem? Does taking down a cybecrime-friendly ISP has any long term effects?

Facebook is warning its users on an ongoing BredoLab malware serving campaign using the well known "Facebook Password Reset Confirmation Customer Support" social engineering theme.

Sourcefire's Matthew Olney examines vendor response to security issues and highlights the value of exploit code as part of defending computer systems.

Over the past week, security researchers and vendors have been playing a cat-and-mouse game with a cybercrime-friendly ISP known as TROYAK-AS, one of the key "phone back" locations for the command and control servers of Zeus-serving malware campaigns for Q1, 2010.

Microsoft today issued patches for seven potentially dangerous security flaws in the Microsoft Excel worksheet software

Researchers from PandaSecurity have detected Conficker and Mariposa malware samples shipped on a recently purchased Vodafone HTC Magic smartphone.

Spanish Ministry of Interior arrests 3 botnet masters operating a 12M+ infected hosts botnet that managed to steal sensitive data from 800,000 users across 190 countries, some of which include Fortune 1000 companies and 40 major banks.

The vulnerability, discovered by Aviv Raff, could potentially allow an attacker to download and install unauthorized software onto a user's system.

A recently uncovered network of compromised hosts dubbed, the "Kneber botnet", managed to successfully infect 75,000 hosts within over 2,500 organizations internationally.

With millions of personal records and payment card information stolen on a regular basis, several recently released reports independently confirm the source of breaches. Not surprisingly, that's not zero day flaws, but good old fashioned SQL injections next to malware.