I got a spam email from my friend who has a hotmail account. It looks like the spam has been sent to everyone in his hotmail distribution list. My question is, how did the hackers do this? Did they need his password in order to get access to his distribution list? As far as I know he is still able to use his account which puzzles me. Wouldn't a hacker (if he had the password) quickly change the password so that they could keep sending spam out on that account?
How secure is Firefox 2.0? I recently attended a short seminar on Web security and the horrors of "drive by downloading". So how vulnerable is the latest version of Firefox 2.0 to this type of nastiness? What about 3.0? [more inside]