Now showing: Apple TV security flaw
Apple issues an update to Apple TV to fix a remotely exploitable buffer overflow that could allow code execution attacks.
Zero Day
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Latest Posts
Skeletons in Microsoft's Patch Day closet
Last Tuesday, when Microsoft released the MS07-030 bulletin to fix a remote code execution hole in Visio, the first line in the executive summary caught my attention:This important update resolves two privately reported vulnerabilities in addition to other security issues identified during the course of the investigation.
Does Trillian have a crapware problem?
StopBadware.org researcher Liana Leahy has taken Cerulean Studios to task for bundling two third-party applications into the popular free Trillian IM client, arguing that users who are not careful during the Trillian installation process could end up with a crapware problem.
Firefox narrows patch deployment window
Mozilla security chief Window Snyder has dismissed the counting of vulnerabilities as a "misleading metric," suggesting that the time it takes to release -- and deploy -- software patches should carry more weight.
Google releases Safe Browsing API
Google has released an experimental Safe Browsing API to allow third party developers to check URLs against blacklists of suspected phishing and malware sites.
Russian hackers hijack Italian sites to serve exploits
The Russian crime ring behind the infamous WebAttacker/MPack exploit toolkit hacked into thousands of Italian Web sites over the weekend and used a one-line snippet of code to redirect surfers to a server rigged with drive-by exploits.
Windows v Linux - Days of risk in 2006
Microsoft's Jeff Jones has released his "days of risk" comparison of security vulnerabilities fixed in the major workstation operating systems in an attempt to prove his controversial argument that Windows users are arguably safer than those using Linux, Mac OS X or Solaris.I recently wrote about Jones' presentation this year's TechEd conference where he discussed the metrics and techniques used to keep track of OS vulnerabilities and offered an early glimpse at his ongoing 2007 report card.
Securing Safari: How to run Apple's browser securely
Here are several steps you can take to disable various features in Safari to reduce the risk of hacker attacks.
There's a hole in your laptop, dear HP, dear HP
There's a very serious vulnerability in the Help and Support Center utility that ships with HP laptops.
Apple plugs three Safari for Windows holes
Apple has responded swiftly to the discovery of vulnerabilities in its new Safari for Windows browser, rushing out fixes for a trio of potentially dangerous security flaws.