The iPhone security non-story
David Maynor is hoarding his Safari browser flaws with his eyes on the iPhone.As far back as January, hackers were asking questions about the iPhone CPU and preparing for attack scenarios.
Zero Day
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Latest Posts
Pump-and-dump spammers turn to PDFs
Anti-virus researchers at McAfee are reporting a massive wave of "pump-and-dump" stock spam -- with a interesting twist.
What's the 6th worst job in science?
It lies right between the "coursework carcass preparer" and the "gravity research project," according to this amusing top-ten list from PopSci.com
More Safari for Windows security holes patched
Apple has refreshed its new Safari for Windows browser to patch a pair of vulnerabilities that could cause spoofing and HTTP redirection attacks.
Flaw counting comparisons useful but fall short of true picture
The Windows vs Linux security report card that I wrote about from TechEd two weeks ago is officially out and Microsoft has stepped up its PR campaign to argue that Windows Vista has a "lower vulnerability fix and disclosure rate" than competitive Linux distributions.
Month of search engine bugs humming along
Almost without notice, the ongoing month of search engine bugs is chugging along, discussing and exposing some some rather serious vulnerabilities in some of the world's most popular search engines.
Now showing: Apple TV security flaw
Apple issues an update to Apple TV to fix a remotely exploitable buffer overflow that could allow code execution attacks.
Skeletons in Microsoft's Patch Day closet
Last Tuesday, when Microsoft released the MS07-030 bulletin to fix a remote code execution hole in Visio, the first line in the executive summary caught my attention:This important update resolves two privately reported vulnerabilities in addition to other security issues identified during the course of the investigation.
Does Trillian have a crapware problem?
StopBadware.org researcher Liana Leahy has taken Cerulean Studios to task for bundling two third-party applications into the popular free Trillian IM client, arguing that users who are not careful during the Trillian installation process could end up with a crapware problem.
Firefox narrows patch deployment window
Mozilla security chief Window Snyder has dismissed the counting of vulnerabilities as a "misleading metric," suggesting that the time it takes to release -- and deploy -- software patches should carry more weight.