Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Microsoft has released seven advisories -- all rated critical -- with patches for at least 19 vulnerabilities affecting the Windows operating system, the widely deployed Office productivity suite and the dominant Internet Explorer browser. Vista is affected by 6 of the 19 flaws.
Like an old grandfather clock, the controversy surrounding last month's CanSecWest MacBook hijack contest just keeps on ticking, loud enough to stick in your ear but so monotonous and tiring that it's near impossible to perk up and listen.
Say what you want about the ethics of the "month of bugs" phenomenon, these vulnerability disclosure projects are getting immediate -- and valuable -- results.
Next week's Patch Tuesday updates from Microsoft will include fixes for a wide range of "critical" vulnerabilities in the Windows, Office and Exchange product lines, the software giant announced today.As part of its advance notice mechanism, Microsoft said a total of 7 bulletins will be released on May 8, 2007.
Secunia is muscling its way into the corporate vulnerability scanning market with a new tool that challenges established players like Tenable, Qualys and Sourcefire.
After a brief lull -- and two fakes -- the "month of bugs" security projects are back, taking aim this time at flaws in ActiveX controls used by software developers.
Apple has released QuickTime 7.1.6 to patch the code execution hole discovered by Dino Dai Zovi and exposed during the CanSecWest MacBook hijack contest.
Security holes in two popular desktop software applications could put millions of computer users at risk of code execution attacks. The flaws, rated "highly critical," were flagged in the Trillian cross-platform IM program and Nullsoft's Winamp media player.
Verisign is expected to announce a deal with Innovative Card Technologies to equip banks and e-commerce sites with cards that work with its two-factor authentication system.
CNET News.com security reporter Joris Evers is leaving the journalism field to take a job in McAfee's PR department.